A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

# Contact information
Contact: mailto:it-security@fh-muenster.de
Encryption: https://www-backend.fh-muenster.de/informationssicherheit/downloads-inf/it-security_fh-muenster.crt
Encryption: https://www-backend.fh-muenster.de/informationssicherheit/downloads-inf/GRP-IT-Security_0xDC7D5624_public.asc
Preferred-Languages: de,en

# We appreciate the responsible disclosure of vulnerabilities related to our networks or systems
# Please note: We sadly cannot offer any bounties or rewards
Policy: https://www.fh-muenster.de/de/informationssicherheit/fhms-cert/responsible-disclosure
Acknowledgments: https://www.fh-muenster.de/de/informationssicherheit/fhms-cert/hall-of-fame

Canonical: https://www.fh-muenster.de/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQQkIfYqMlSA5U+Y+3Aaplbo3H1WJAUCZ1sHlQAKCRAaplbo3H1W
JBD5AQCTrXTEJc/0qjZdvtsu2m9XTDEHzSyNT+kVBLQ2L5tYxAEAwqQQI/omL1sf
L9Rj6gXnRSfQJ/v5I+Eqsgk2dAEOawM=
=ywqq
-----END PGP SIGNATURE-----