A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256



Contact: mailto:sirt@frequentis.com

Contact: https://www.first.org/members/teams/frequentis_sirt

Encryption: https://www.first.org/members/teams/frequentis_sirt

Preferred-Languages: en, de

Canonical: https://www.frequentis.com/.well-known/security.txt

-----BEGIN PGP SIGNATURE-----



iQIzBAEBCAAdFiEEowwSIu2fqfKLwkXwJsqlNK1jhIQFAl1LzE0ACgkQJsqlNK1j

hIRlEhAAlFy3K9LcMGd2QyklQRty0sulIVYQUcd9vJYeoiQBtBGtnqPGcJyYASPr

J9ojp+LZq09hJGleROzUy//IUR4fTi8UTtT6O+PUwdnZQLnT9UmNkYKaoES8sYot

V9knA9cu1OmBRJ6xXYAJGFceLpDvRIwmKBHR4Hgm52lxdO8ZRU40qpxydDyJsJmO

BeEnWlCFbk397L4Kinb4j9lYe3KGCqpySRfsSd6vcSUcmntx6P8vtfv38/6GwFn3

pXOydbGDmvawTqiQTBt0XNHtiSPWzJ0cHIRivctiI8WVp6JYeesRo49RsGvY7eeC

5CeBVePgjw4TqX4fOR+pSE2lU7mUKqk2YfvFlwm7UwjWXXYH2fB2B8ICWFdFXlSS

KyopC7skdDGe4lKREH0J4YZSpn9iyrtXgBWmec7ahGT16ucVFKtM78tXH7+XjNPw

4n7s2noP2jkaNuCCjvZ3nmGRdYwFE/iX2tezK7itKiOt0OkxS1x0Xyeo8QdLVL3a

VrfHynezze4RqZD6d3T1m+NzkmiOiaxlPED/UIQYFxFFyPkOaV2Zj8wjxw8oeS0/

S3raxAjC1e4OT34xDcAm2MLnRwwFhNSfPIyfZD4lQ1EW+lll1o1dcwfyxedm4AyT

d1K1AEsQeDzoIEjWUlrVXM7YcdIZxPs3xxOueRYgrHMMxrsawQs=

=IemQ

-----END PGP SIGNATURE-----