A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# Our security address









Contact: mailto:csirt@kindredgroup.com









# Our OpenPGP key









Encryption: https://keys.openpgp.org/search?q=csirt@kindredgroup.com









# Our Security Policy









Policy: https://www.kindredgroup.com/globalassets/documents/about/rfc2350.pdf









# Our Bug Bounty Program









Bug Bounty program: https://hackerone.com/kindred_group









# Our acknowledgements









Acknowledgements: https://hackerone.com/kindred_group/thanks