> ## Documentation Index
> Fetch the complete documentation index at: https://support.locker.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Security Assessment

> How Locker ensures continuous security through internal testing, independent audits, and bug bounty programs.

## Security Assessment

Security testing is of paramount importance to Locker before we deliver the product to users. We believe that building and ensuring product safety is not a one-time event but a continuous process. The Locker team considers secure product design and implementation a mandatory part of the software development process, but we also recognize that there are security vulnerabilities beyond our initial calculations. Therefore, security monitoring and testing is a daily activity at Locker.

Locker applies security testing with 3 methods:

* **Internal testing:** Locker is developed by [CyStack](https://cystack.net/?_gl=1*1av2sq2*_gcl_au*NDY2OTM1MTAyLjE3NzIwODk5MTc.*_ga*MTUxMDE4MDYxNi4xNzYzMTgwNDMx*_ga_5Y2L530XT3*czE3NzI0MTc3MzIkbzgkZzEkdDE3NzI0MjA1MTgkajU3JGwwJGgw), one of the leading cybersecurity companies in Vietnam. We have a talented team of security experts recognized in the global security community, and they are directly involved in the design, testing, and daily monitoring of Locker's security.
* **Independent partner testing:** We are working with several independent security partners who are companies with years of experience auditing and penetration testing password management systems. We will soon publish their security reports on Locker.
* **Bug Bounty program testing:** Locker runs a bug bounty program through the community security platform [WhiteHub](https://whitehub.net). Thousands of security experts around the world are helping us find security vulnerabilities and making Locker more secure.

Security testing is conducted as a preventive measure, and we will fix all security issues as soon as they are discovered. We want to emphasize that no matter how significant a security issue may be, it will never result in a breach of user data.

Even in the worst-case scenario where Locker is attacked or the database is leaked, user data will remain absolutely safe because Locker uses [end-to-end encryption](/en/locker-whitepaper/security-fundamentals/end-to-end-encryption) and user data is encrypted locally, meaning any data obtained by an attacker will be completely meaningless and unusable.
