SurgePulse™ — Real-Time Profit Radar

1. Account Security
All user passwords are protected using bcrypt hashing with a unique salt per password. Passwords are never stored in plain text and are never retrievable by administrators or system operators. Logging in requires correct authentication: the submitted password is hashed with bcrypt and the result is compared against the stored hash.
2. Session Protection
The platform uses secure server-side sessions with Flask’s built-in session protection. Sessions include:
  • Essential session cookies only
  • Automatic CSRF token integration
  • Session invalidation on logout
  • Protection from session fixation attacks
3. CSRF Protection
All POST requests are secured using Flask-WTF CSRF protection. Each form includes a CSRF token to prevent unauthorized or cross-site request submissions.
4. Data Storage Security
All user information and logs are stored on a secure Render.com Persistent Volume. Access to this volume is restricted to the web application only. No public access is allowed to internal logs, AI files, or database files.
5. API Key & Environment Variable Security
Sensitive keys such as the Polygon API key and Telegram bot token are stored exclusively in environment variables. They are not exposed in frontend code and are not embedded in any client-side JavaScript.
6. Protection Against Common Attacks
The system includes built-in safeguards against common attack vectors:
  • SQL Injection: All database queries use parameterized statements.
  • XSS: Jinja2 templates auto-escape unsafe content.
  • Brute Force: bcrypt's configurable work factor makes each password guess computationally expensive, which slows brute-force attempts.
  • Directory Traversal: No user file uploads or editable file paths.
  • Unauthorized API Access: All protected endpoints require authentication.
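Sections 1 and 6 above describe bcrypt-hashed passwords and parameterized database queries. The following Python is an added illustration written for this page, not SurgePulse's own code. It uses the standard library's PBKDF2 as a stand-in for bcrypt so it runs without extra packages (the per-password random salt and constant-time comparison are the properties Section 1 states), and an in-memory SQLite table holding one constructed account, "alice".

```python
import hashlib
import hmac
import os
import sqlite3

SALT_LEN = 16            # random salt per password, stored alongside the hash
PBKDF2_ROUNDS = 200_000  # work factor; bcrypt's cost parameter plays the same role

def hash_password(password: str) -> bytes:
    """Return salt || digest. A fresh salt per password means two users with
    the same password never share a stored hash (Section 1's unique salts)."""
    salt = os.urandom(SALT_LEN)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt + digest

def verify_password(password: str, stored: bytes) -> bool:
    """Re-derive with the stored salt and compare in constant time."""
    salt, digest = stored[:SALT_LEN], stored[SALT_LEN:]
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate, digest)

def make_db() -> sqlite3.Connection:
    """Constructed in-memory user table with one sample account (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash BLOB NOT NULL)")
    conn.execute("INSERT INTO users VALUES (?, ?)", ("alice", hash_password("correct horse")))
    conn.commit()
    return conn

def lookup_hash(conn: sqlite3.Connection, username: str):
    """Parameterized lookup (Section 6): the driver binds `username` as a value,
    so quote characters in it can never change the query's structure."""
    row = conn.execute("SELECT pw_hash FROM users WHERE username = ?", (username,)).fetchone()
    return row[0] if row else None

def lookup_hash_unsafe(conn: sqlite3.Connection, username: str):
    """The anti-pattern Section 6 rules out: string interpolation lets a quote in
    the input rewrite the WHERE clause and return rows that should not match."""
    row = conn.execute(f"SELECT pw_hash FROM users WHERE username = '{username}'").fetchone()
    return row[0] if row else None

def authenticate(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Login check: parameterized lookup, then hash comparison. An unknown user
    and a wrong password both return False."""
    stored = lookup_hash(conn, username)
    return stored is not None and verify_password(password, stored)
```

Calling `lookup_hash` and `lookup_hash_unsafe` with the same quote-bearing username shows the difference directly: the parameterized query finds no such user, while the interpolated one returns a stored hash it was never asked for.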
7. Infrastructure Security
The platform is hosted using isolated containers on Render.com. This architecture provides:
  • HTTPS enforced for all traffic
  • Private container environments
  • No shared processes with other tenants
  • Automatic system-level patching by Render
8. Logging & Monitoring
The system logs:
  • Server errors
  • Prediction engine failures
  • Market API issues
  • Unauthorized admin attempts
These logs are stored privately and never exposed publicly.
9. Data Access Controls
Access to sensitive data is strictly controlled:
  • Administrators cannot view user passwords (only reset them)
  • Database access is restricted to the server
  • Admin routes require explicit admin privileges
  • User data is never shared with third parties
10. AI Model & Log Security
Machine learning model files, scalers, logs, and surge reports are accessible only within the protected server environment. No direct endpoint exposes internal data structures or model weights.
11. User Security Responsibilities
Users are responsible for:
  • Maintaining strong passwords
  • Not sharing accounts
  • Protecting their device and browser environment
  • Reporting suspicious activity immediately
12. Incident Response
In the event of a suspected security breach:
  • Compromised accounts may be automatically locked
  • Administrators will review logs for unusual activity
  • Passwords may be reset for affected users
  • Patches will be deployed through Render’s container system
Users will be notified if their account requires urgent action.