A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:security@amazee.io
Expires: 2024-11-01T04:59:00.000Z
Encryption: https://amazee.io/pgp-key.txt
Preferred-Languages: en, de
Canonical: https://www.amazee.io/.well-known/security.txt
Hiring: https://www.amazee.io/careers

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQQbWEKY+qQBkBwIEm0V0Xca4+3bzwUCZQxAMgAKCRAV0Xca4+3b
z7sYAP4+Igl3Vd2lNJzKWipvB8jl9IPeGytOruX8zACtBKCCuwD/bQmQLGbBRYjr
ywgvmsoZ0s9SpXyQyW1ywaqcI6z4Ywc=
=+4DI
-----END PGP SIGNATURE-----