A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

Contact: mailto:security@video-ia.net
Contact: https://video-ia.net/security
Expires: 2025-12-31T23:59:59.000Z
Encryption: https://video-ia.net/pgp-key.txt
Acknowledgments: https://video-ia.net/security/acknowledgments
Preferred-Languages: en, fr, es, it, pt, nl, ja, de
Canonical: https://video-ia.net/.well-known/security.txt
Policy: https://video-ia.net/security/policy

# Security Policy
We take security seriously and appreciate responsible disclosure of vulnerabilities.

# Scope
- video-ia.net domain and subdomains
- API endpoints
- Database security
- Authentication systems

# Out of Scope
- Social engineering attacks
- Physical attacks
- Denial of service attacks
- Spam or social engineering

# Rewards
We offer recognition and may provide rewards for valid security reports.

# Response Time
We aim to respond to security reports within 48 hours and provide updates every 7 days.

# Reporting Process
1. Email security@video-ia.net with detailed information
2. Include steps to reproduce the vulnerability
3. Provide your contact information
4. Wait for our response before public disclosure

# Thank you
Thank you for helping keep Video-IA.net secure!