A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# GroupMap Security.txt
# This file provides information for reporting security vulnerabilities responsibly.

Contact: mailto:security@groupmap.com
Policy: https://www.groupmap.com/security/bug-bounty
Acknowledgements: https://www.groupmap.com/security/bug-bounty

# Optional fields:
Preferred-Languages: en
Canonical: https://login.groupmap.com/.well-known/security.txt

# Disclosure Policy
# GroupMap is committed to maintaining the security and privacy of our platform. We encourage responsible reporting of any security vulnerabilities.
# If you find a security issue, please notify us using the contact details above. We request that you refrain from publicly disclosing details of any vulnerabilities until we have had the opportunity to investigate and address them.

# Thank you for helping keep GroupMap secure.