Our commitment to security and transparency
âś… Active: EV Code Signing Certificate
All BruteFence executables and installers are digitally signed with an Extended Validation (EV) Code Signing Certificate issued by Certum CA. This provides instant trust with Windows SmartScreen.
Issued to: Infotipp Rendszerház Kft. | Valid until: February 2027
For additional security, you can verify the downloaded file using SHA256 hash comparison.
Get-FileHash -Algorithm SHA256 .\BruteFence-Setup.exeFound a security vulnerability? Please report it responsibly to our security team.
support@brutefence.comResponse time: 24-48 hours for security-related issues
We're explicit about this because trust depends on it. What BruteFence sends out: your license key, the software version number, a hardware fingerprint (used to bind the license to your machine), and a single request to brutefence.com/api/ip to detect the server's public IP address for the InfoTipp customer whitelist check. That's it. No behavioral telemetry. What BruteFence never sends: attack logs, blocked IP addresses, usernames, passwords, file paths, screenshots, crash reports, or any other usage data. Every event your server processes — every failed login, every blocked attacker, every honeypot hit — stays on your machine, in your local logs, and never leaves.
The little data that does leave your server is protected end-to-end. DPAPI encryption secures sensitive registry values on the local machine, so even another administrator on the same server cannot read your license key in plain text. HTTPS-only communication is enforced for every license validation call and update check — there is no fallback to HTTP. The license validation server runs on Infotipp's own infrastructure in Hungary (EU) as a dedicated service, separated from unrelated applications. On the website itself, visitor IP addresses are hashed with SHA256 before any analytics processing, and we use no third-party tracking pixels.
Infotipp Rendszerház Kft. is the data controller, headquartered in Budapest, Hungary, operating under EU jurisdiction. The legal basis for the minimal data we process is contract performance — license validation is required to deliver the software you paid for. You have the standard GDPR rights: access, correction, deletion, and data portability. Because we collect almost nothing in the first place, exercising these rights is straightforward — email us and we can confirm or remove your license record within a few business days. We do not share data with third parties, do not sell data, and do not use it for marketing.
If you discover a security vulnerability in BruteFence, we want to hear about it. Email support@brutefence.com with a description of the issue, steps to reproduce, and the affected version. Security-related reports are prioritized and we aim to respond within 24-48 hours. We ask that you give us a reasonable window to investigate and release a fix before publicly disclosing the issue. As a small Hungarian company we do not currently run a paid bug bounty program, but we sincerely appreciate responsible disclosure and will credit researchers in the changelog where appropriate.
© 2026 BruteFence. Developed by InfoTipp Rendszerház Kft. - Remote Desktop Protection since 2002.