If you want to save your checklists and keep an eye on your progress, we recommend you use a strong password. If someone gets their hands on your phone, you don’t want them to review your security protocols. We haven’t made this compulsory in case you weren’t storing much, but we think you’re better safe than sorry.
Anything you input into Umbrella is only stored on your device. We can’t see it or give it to anyone else. We also can’t recover your data if you accidently delete it or forget your password.
If you want to use the dashboard to get up-to-date information on risks in your area, enter your nearest city. We can’t see it, and we don’t track your location.
Umbrella code is available here. The code has been positively audited by the independent security code audit company, iSec Partners. Read the full review here.
Security First also participates in the HackerOne bug bounty system, an information security best practice. In return, you get free swag and recognition. Visit our page and read the rules here. (Sign up for an account if you don’t have one.)
Umbrella is licensed under a GNU General Public Licence, GPLv3, and we encourage you to modify it under the licence conditions. Find out more.
If you find a security critical issue, please read our responsible disclosure policy.
Umbrella builds on the expertise of a wide range of partners in the human rights, humanitarian aid, and open tech sectors, as well as the industry leading security programme developed by Security First CEO Rory Byrne. Content licences and credits are available here.
Umbrella content is published under a Creative Commons licence, CC BY-SA 3.0, so you can reuse it under the licence conditions. Find out more.