low-angle photography of four high-rise buildings

Vulnerability Disclosure Policy

This policy governs information security breaches or vulnerabilities within Orun Group. It sets out procedures for reporting data breaches or vulnerabilities found in Orun Group’s systems to ensure swift resolution and minimize harm. All vulnerabilities or breaches must be reported to info@orungroups.com.

Reporting Guidelines

  • Cease testing and notify us immediately upon discovering a vulnerability or exposure of nonpublic data.

  • Provide details such as the date, description, affected systems, and steps to reproduce the issue.

  • Use tools, images, or documentation to clarify the issue.

Security Researchers Must:

  • Purge nonpublic data after reporting a vulnerability.

  • Limit viewing or storing data to what is necessary for documentation.

Security Researchers Must Not:

  • Test systems outside the scope defined below.

  • Engage in physical testing, social engineering, DoS attacks, or introduce malicious software.

  • Disclose vulnerabilities without authorization.

Scope of Systems

Research is limited to the following systems:

Severity Assessment

We assess severity based on the type of data involved, number of individuals affected, security measures in place, and potential harm or media attention.

Anonymity and Communication

Reports can be submitted anonymously, but contact details are encouraged for clarification. Thank you for helping us maintain a secure environment. For questions, contact info@orungroups.com.

Transforming businesses through innovative solutions.

© 2025. All rights reserved.

Privacy Policy

Terms of Use

Contact Us

Vulnerability Disclosure Policy