Ona News

Securing the Future of Feedback: CaseFusion CFMHub Achieves Grade A Rating

Jonathan Munene · Apr 29

In the world of Community Feedback Mechanisms (CFM), data isn't just information; it's a trust exercise. With CaseFusion CFMHub, we take that trust seriously. That's why we are excited to share the results of our recent multi-phase security penetration testing, conducted in partnership with the United Nations International Computing Centre (UNICC) Redunit team.

We are proud to announce that CaseFusion CFMHub has officially achieved an Overall Security Rating of A.

The Journey to "Grade A"

Security isn't a one-time checkbox; it's a rigorous process of testing, learning, and hardening. Our journey began with an intensive initial assessment by the UNICC Redunit team from 30 June to 4 July 2025. This phase allowed us to identify potential vulnerabilities under the most demanding conditions.

Following that audit, our engineering team spent months refining our architecture. On 9 April 2026, the UNICC team performed a final remediation verification, confirming that our systems now meet a high standard of resilience and data protection.

What This Means for Our Partners

A "Grade A" rating signifies that CaseFusion CFMHub has implemented a robust "defense-in-depth" strategy. We've successfully neutralized high-severity risks to ensure that the data of the organizations and communities we serve remains private and tamper-proof.

Here are a few of the technical milestones we reached during this process:

  • Sanitizing Data Exports: We mitigated risks associated with CSV formula injections, ensuring that when you export your data, it remains safe to open in any spreadsheet application without risk to your local system.
  • Hardening Access: We've moved beyond basic logins. By enforcing a stringent, complex password policy (12+ characters with a diverse character set), we've significantly raised the bar against unauthorized access.
  • Shielding our Infrastructure: We disabled GraphQL introspection, so the API no longer hands its schema to potential attackers on request, and enforced the "Secure" flag on all session cookies, so browsers send them only over encrypted (HTTPS) connections.

Beyond the Score

While we are thrilled with the "A" rating, our work doesn't stop here. Cybersecurity is an ever-evolving landscape. By working with the UNICC, the gold standard for international technology services, we've established a baseline of excellence that we intend to build upon every day.

We believe that those striving to make the world a better place deserve tools that are as resilient as they are. At CaseFusion CFMHub, we're honored to provide that security, so you can focus on the feedback that matters.

Want to learn more about our security frameworks or how CaseFusion CFMHub can support your organization? Contact our team today.