POL-03
POLICY · SECURITY
DALOSTECH-WEBSecurity
Last updated 2026-05-12
Overview of DalosTech security practices and coordinated vulnerability disclosure.
- § 1.0
Security practices
- Least-privilege access controls across environments
- Credential and secret lifecycle management
- Patch management and dependency update cadence
- Monitoring and alerting for security-relevant events
- Documented incident response and post-incident review
- § 2.0
Vulnerability reporting
- Report vulnerabilities to [email protected] with reproducible steps and impact details.
- Acknowledgment target: within 2 business days.
- Triage status and remediation timelines are shared after validation.
- Avoid accessing customer data beyond what is needed to demonstrate the issue.