A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256



Contact: contact@elimurray.co.uk

Encryption: https://elimurray.co.uk/.well-known/pgp.asc

Preferred-Languages: en

Canonical: https://example.com/.well-known/security.txt

-----BEGIN PGP SIGNATURE-----



iQEzBAEBCAAdFiEEIlyJCabUK1wY2mT2sfTQeQpZZ20FAlze0H4ACgkQsfTQeQpZ

Z22Zqwf/TPpYr7McBYSeEnb0H8GyKm9jJ4Mp7Hl3Sd6bY8vqZGN3khcHPM33mnh7

1eEJIs/a8QBry7Lnn4AYRm3QnHxC3Yi2pEGQhQaFnyuBW8erNQAQX7G/HuEalLJ4

BVxwSsY8NzY3oEDRiBKuRj1VNleS5cmsiYJ7iXnRL1LPMLt46cFM6cb8ZksBLTPN

G5TzS94Cs8v9/51ph8KLrkBiOZEMc38EgwWhlkzsvR3fOLH1qAIQlGpBnliqk5G8

OMbt8yKZAyk5AkpGsn4mExZ3yD8tgjm1sivylL3/EzFr5pAa2t52r6QuxjnvYYnG

zc+RY39Ni3PuFdZlJXRa7BxLClLxdA==

=eyAZ

-----END PGP SIGNATURE-----