A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# Orby AI, Inc. - reporting security vulnerabilities to Orby AI

# How to communicate about security issues.
Contact: mailto:security@orby.ai

# The date and time when the content of the security.txt file should be considered stale
Expires: 2024-01-27T07:59:00.000Z

# Preferred languages for communication.
Preferred-Languages: en, zh

# The most common URL for accessing this security.txt file.
Canonical: https://orby.ai/.well-known/security.txt

# What security researchers should do when searching for or reporting security issues.
Policy: https://trust.orby.ai

# Please see https://securitytxt.org/ for details of the specification of this file.