POL-03

POLICY · SECURITY

DALOSTECH-WEB

Security

Last updated 2026-05-12

Overview of DalosTech security practices and coordinated vulnerability disclosure.

  1. § 1.0

    Security practices

    • Least-privilege access controls across environments
    • Credential and secret lifecycle management
    • Patch management and dependency update cadence
    • Monitoring and alerting for security-relevant events
    • Documented incident response and post-incident review
  2. § 2.0

    Vulnerability reporting

    • Report vulnerabilities to [email protected] with reproducible steps and impact details.
    • Acknowledgment target: within 2 business days.
    • Triage status and remediation timelines are shared after validation.
    • Avoid accessing customer data beyond what is needed to demonstrate the issue.