A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----










Hash: SHA512





















Contact: whitehats@reddit.com










Expires: Wed, 13 Oct 2021 12:00 -0500










Acknowledgments: https://www.reddit.com/trophies










Preferred-Languages: en










Canonical: https://www.reddit.com/.well-known/security.txt










Policy: https://hackerone.com/reddit?type=team










Hiring: https://boards.greenhouse.io/reddit










-----BEGIN PGP SIGNATURE-----





















iQJIBAEBCgAyFiEE1cD4xEQeM0fIV4BUct81iRYiOc8FAmB1pV8UHHNlY3VyaXR5










QHJlZGRpdC5jb20ACgkQct81iRYiOc+VFhAAjvE8UHD50pq//orArxNoj1Jq4j4z










zRXL7mCC+7UaGIdaPy6xP53//SQ+09eIL1LwhyAsHNqWcVFt5rld6DIZRl7Xw/s7










+R3lS6+ILRCj6fAa2+W0aIODSlA40NF+ZJiw0PQUDaupJGmtNjMSqBTz/nAbQ1x9










vfwAM1X5h7d89/QqoHiVMqkqk96NMA+Y6kqTTv4ahc92DsKpNoWnTdX0/mBHrVbl










l6vgZEXgozcbrcaKosFdUTUGrPvefSbExMXwkZbw+XpLZLN0FhRAulsb69PDoZEA










LsAwvyhC+p23JWQE3tWkcuXmwhkQamu/t3jqFFtIYzCb/mvqDLSZzsUPEY4d3Clk










C1u9TuqTRIB7hKCXUmeF0OYj+UqRPGnDN2wvHlDypJeCq2CPRDa1w8fYbG8pu8Ba










XgQj4G6S6xmPtrLDegZas1gvJHkNqF/M1YiR14PDPHnmoxKeWve3ALVYJ3gZQ0NP










/sUrJQRKF2WCzESfmw8flLgfyan49CI7n2qbXV4v/0HIeYEvOPlX9STwDbZynNcy










Batp7KU/6JAkxfT2rdaV0e7V2foqAI95tWoX6wMc6Pngw3e/ltwJZy9T2+iOzQDH










4aIXgYHY10gM+PfF3ZeL7w/pfIebNMJWj9OJdrCiRwPq3lfsNyd8FXgvPaN4zahv










RTwPbuNLC/i+vps=










=IrMf










-----END PGP SIGNATURE-----