A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security-reports@new-work.se
Expires: 2025-01-31T22:59:00.000Z
Encryption: https://www.new-work.se/0xBC80D8158EDFE2FF.asc
Preferred-Languages: en
Canonical: https://www.new-work.se/.well-known/security.txt
Canonical: https://www.xing.com/.well-known/security.txt
Policy: https://www.new-work.se/rfc-2350.txt
Hiring: https://www.xing.com/jobs/search?keywords=%22NEW%20WORK%20SE%22%20Security
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEuxYTVsG6QyDAVRIRvIDYFY7f4v8FAmWVKO8ACgkQvIDYFY7f
4v8LmA//eNp8aZatoU/WscMOE+VpkRVCOOIISGLnmPPp04Fd2DlzDIjcWEThSrs9
D0vu5J7HIpixq6JCuNdZ77aDE5fvtjNMIrFvHYjs4Dz31ZZPh+IJywtlqsvf1/7K
Hlt4KorNcJ2tzb3RVbJqeiAbEPYMGAOm5gt/tHSrgEJ9QJa6aa6FCc1M7PzprxwP
2BbKTQQG0Arzo/E5BugC9eR1jAKfdKeEuelM7c6uk54faOVH7UJ9FHf6yGf0P8Lq
m4lnov2wBGLmxQ4A0dB7sD297IeNRmzFpBheD6mEuskLXaMbvxAv19uhCJmPwhQ7
UWEUV+v1HU5eqO78rHG681S0+e8png0fzcuhx6BV/7S8rSmcikHgpz+YkrOf3ISx
HCxvOJKIXLVZzoJeL19dZ+8PUQZk6/VQIvSMmCkLQi2nD5HtQPU+zbNKnBt+3+7d
NTVznNjkaOXbeWvQqivpj82T1IWbvXAln9DYnpOlJsuDBK/V97K+CGhXnEJOFf7U
D+L+uP2UY86yCzkYh1gYTG2B1wPch5WyIg/4/9O3+IG2bTC4sgSrOZe4bmV/eoE+
MMrOcCryo9IjoHHhIJcSJQP/V/7i+jOvee1gUzMZMWdSf3MnearJTpDvLKt2srb7
0FC3ygbY5AXflZYqrvJXYqvei6P8tQFkm+geVbYk3TzfRFjPKjE=
=FybU
-----END PGP SIGNATURE-----