A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: ssb:feed:ed25519:f_6sQ6d2CMxRUhLpspgGIulDxDCwYD7DzFzPNr7u5AU=
Contact: mailto:cel@celehner.com
Encryption: https://celehner.com/3413F006.asc.txt
Canonical: https://celehner.com/.well-known/security.txt
Preferred-Languages: en
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEHWD2FlX6K57JEJdawo2VuwEjZ+oFAlyK3YkACgkQwo2VuwEj
Z+r4xw//crvD7Ul5cIZifmIN+t2+g08szGtwtcipRTpNmlQBgQTpjb+ouJAGfvyj
6dhgsMU6gT1Pl2QVpi8KGQ3KySR1WAVvZHTDzkSFYa7vk0H4LdjS7rje8jFhnNai
UHwDimBceuNXU6UgX0ij+evlQKV7qEZSSA5fFaYf9LwJNts/uBMBZtWUkNgRITDF
hMuaHrgLgu3Tt9MpUymcm2qM0oC5y5m0Es/0+FMzDLo4ZnSGWODAL/Z8vP0qqfBd
mb3MfH7SXbHEAqP/8gJQCqWGzQ6CcjsRy4mrlm0ri0cdGSEofCo9kiekJnbyXrqZ
WURNTDyWD5+q9TBDz1fbqS6ycmOibjqPrqrDSybPNb9/Udp0v6pASNxMleIL5H62
H7bR9WdtPnPlkWdP/6dAiXU6R7UQ4Xvyxy8rgEQ5ZRDXjz4uzdfqiXp1fT4ej/GI
rjOlYvB4T40Qkg0LDD/VykFyDkcROTnNHsFmqYZ7fo9qF6smNhwGT4wFEhEAFJSb
GjeoLUPTeRTUxMqk6wGWLFsturT250lXmVkt+mFufH5XxNFtVi8t+j9XpKgxqNfH
33rGw92lxHvvgNnUaPvkDnq9KtxJmFGgoRzm/hM2VIq6Wsow83OEIBsaZ5RhKgAU
R8129pwisr1fm11IcGay3Z/AcgReBxg1Y2FCjL2NK/RTF3wU8Os=
=5oO3
-----END PGP SIGNATURE-----