A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@heinlein-support.de
Encryption: https://keys.openpgp.org/vks/v1/by-fingerprint/97D03F8235095AA28BF8BE9738A6F02C8F913EB4
Preferred-Languages: de, en
Canonical: https://www.heinlein-support.de/.well-known/security.txt
Canonical: https://www.jpberlin.de/.well-known/security.txt
Canonical: https://mailbox.org/.well-known/security.txt
Hiring: https://heinlein-support.de/jobs
Expires: 12 Jan 2025 00:00:00 UT
-----BEGIN PGP SIGNATURE-----

iQJRBAEBCAA7FiEEl9A/gjUJWqKL+L6XOKbwLI+RPrQFAmWfzpwdHHNlY3VyaXR5
QGhlaW5sZWluLXN1cHBvcnQuZGUACgkQOKbwLI+RPrQhtQ/6A/GIBfLhj/71hDqT
G7dgsZtKbd30UkYUXa2eVK4x+b0Vio4Dy6KuLWpH6IUuKvi5sBayD2VYgDp03pIG
ODC4EqxEorun4N6C9gJaxZrM0PoWZTmcc9daY86wvI3KnLdqWlU/E05jGKMidhvJ
YNtUBXKmk221hbgi/OVS1N5PJoTNzQysU5ievk11kElh9T5MBhfpzhOCTiyS+ujJ
BUpuq9Yy/87dKaoZBM2Zlc61vJYUebiz33mbOAXbBx6yyIk02aqrsnEcjrekcePE
h1OVGp+I5aKtQlNxqWDw3NYacuIuh6mXdv+WujI2qNaRMkZ/vBoouL8prFuRbOFJ
7/vxqXVIPIn/kA8tVziEi/9HVUKdUfxc/4euiIZw3se374X+71MJLh4pIOfv1Ec2
i9FCmraVl4N5Idnk0/yFAn7obixJBb9LCBLbuhfrB7z8ahRV3NB/sDCrCAurpdgO
TcdLlqGX7eMb7uPhL5kHiO+w2lUxgpTH1eTHrICnqylo2YPMNcaPr6iieGIYP7vW
MxTZdXMQGrGCYOz+5+RatIwETfYtDvhDVv3RS1brA0HMS7vD0e8TkH5zXU75qyLM
/HqZYW8C9o7MGixBCc7MzwfmPItq2oxdRxPT9aNBaGoXuyPjUrqE27QHqLQ4gg/L
tlCkXoFKd+v0dsRTwnTD0jdF+Zo=
=+q/i
-----END PGP SIGNATURE-----