A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

#In case of security incidents please contact the
#Information Security Office 
Contact: mailto:information.security@usz.ch 

#Regarding vulnerability reports we have a Private Bug Bounty Program at Intigriti. 
#Free to contact us! We would be glad to invite you into our Bug Bounty Program
Contact: mailto:information.security@usz.ch 
Policy: https://kb.intigriti.com/en/articles/5466165-researcher-terms-conditions

Preferred-Languages: en, de, it
Expires: 2026-01-30T08:00:00.000Z