A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security-reports@new-work.se
Expires: 2025-01-31T22:59:00.000Z
Encryption: https://www.new-work.se/.well-known/openpgpkey/nwse-security.asc
Preferred-Languages: en
Canonical: https://www.new-work.se/.well-known/security.txt
Canonical: https://www.xing.com/.well-known/security.txt
Policy: https://www.new-work.se/.well-known/rfc-2350.txt
Hiring: https://www.xing.com/jobs/search?keywords=%22NEW%20WORK%20SE%22%20Security
-----BEGIN PGP SIGNATURE-----

iQJOBAEBCAA4FiEEfnw1fKXUkVvEB/azTemLVVKlC5IFAmfldLsaHHNlY3VyaXR5
LXJlcG9ydHNAeGluZy5jb20ACgkQTemLVVKlC5KPDhAAoIKxZpYXlXdeLzcbG7JL
97H+GuCSYFMHASixGCW0DQyL9xVtHqAH1wOJaBvD4KOgV1J/T/OO2GXcVSm/3nYr
NRCW/fqqDl+VzSpttCMVQkZFcbAotKg0Yozr6cKyNRU1Q6AUO2xnBUw9bol7BQZG
/P1pDAv40Q02Nhs3Besr3bXVLjiT59hkuc8Z/ufA6/DRwXG8L39N6dRK3CBmD/kP
EaATdGuQb3HfvOyRjmJQk8+R5hIWRrcUqfeEQli/0ywuCsAMTgKfyIPkanTuiBVd
5nBftDKQ44StMh+lXQEnjAY798QZ/M21Vs/6iSjrQRhIkSJjVsQ+jtA7lrIGIz/C
HkEodsghDTMtBWexBj7h0Hva207aHv+7uWckyHZ1zggh2kJi2TE+WErZ25KwmHDu
PbLyESlBdz+vCK3UqhKCUQLuegupWht0Lp80+RceI+2VbqFLQ/c3dFcxC6TucrTx
4k6l7V6yvsbaP5qnzttGoFaIrj73aXMlxBal+uIlp+0wHKDrwGpCWL37b+o4eWB3
JW16dzxNGRfv5wIPjayCtHByiYTCVdRo+z1b3yMwV9kTuJlJ7rhtAEowmHamWrb7
UfYvu5Lrywe+Z++FRJt/M94I0gnJcsEeRKrwPC9opaTdBsSglH1a/zpB3JvtaR68
+/1yz7slFm/ii8REB2Ccbds=
=U5Lg
-----END PGP SIGNATURE-----