Last updated June 23, 2025
As a security company, we have a commitment to providing a secure and trusted platform to our users. We value security researchers and others who keep a watchful eye and responsibly disclose security issues.
If you believe you have discovered a vulnerability, privacy issue, exposed data, or other security issues in any of our assets, we want to hear from you. This policy outlines steps for reporting vulnerabilities to us, what we expect, what you can expect from us.
This policy applies to any digital assets owned, operated, or maintained by Risk Ledger Ltd.
When working with us, according to this policy, you can expect us to:
In participating in our vulnerability disclosure program in good faith, we ask that you:
Please report security issues via mailto:security@riskledger.com, providing all relevant information. The more details you provide, the easier it will be for us to triage and fix the issue.
Risk Ledger may authorise and invite you to conduct additional research based on your initial disclosure. When conducting such additional Risk Ledger authorised vulnerability research within the agreed, defined scope, according to this policy:
If at any time you have concerns or are uncertain whether your security research is consistent with this policy, please stop and contact us through our Official Channel before going any further.
Security.txt provides a machine-readable file which defines core attributes or your VDP, and is designed to be hosted on websites.
The security.txt file should be placed under the /.well-known/
path (/.well-known/security.txt
) on websites. It can also be placed in the root directory (/security.txt
) of a website, especially if the /.well-known/
directory cannot be used for technical reasons or as a fallback. The file can be placed in both locations of a website at the same time.
For more information visit https://securitytxt.org and the associated RFC9116.
Risk Ledger Ltd security contacts and policy
Our security contact channels
Contact: mailto:security@riskledger.com
Link to our vulnerability disclosure policy
Policy: https://riskledger.com/contact
Languages that our team speaks and understands
Preferred-Languages: en-US
Expiration date for this security.txt file
Expires: 2026-06-16T07:52:59z
The DNS Security TXT standard provides machine-readable records that define core attributes of your VDP, and is designed to be hosted using DNS TXT records in your domain/s.
Just as security.txt can be deployed into either the root or the .well-known
directory of a webserver, DNS Security TXT can be deployed to either the apex of a domain, or under a specially created _security.<domain.com>
subdomain. This approach allows organizations to decide the approach that suits them best.
For more information visit https://dnssecuritytxt.org.
Enter your domain to customize the DNS records below:
No organisation is an island.