A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# Security Policy for Your Visual Eye (urveye.com)
# Last updated: 2025-12-29

Contact: mailto:security@urveye.com
Expires: 2026-12-31T23:59:59.000Z
Preferred-Languages: ar, en
Canonical: https://urveye.com/.well-known/security.txt

# If you discover a security vulnerability, please report it to us responsibly.
# We appreciate your help in keeping our platform secure.

# Policy
# - We will respond to your report within 72 hours
# - We will keep you informed of our progress
# - We will not take legal action against security researchers acting in good faith