A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# Submit a report via our actively monitored public vulnerability disclosure program here:
Contact: https://zivver-security.atlassian.net/servicedesk/customer/portals
Policy: https://www.zivver.com/legal/vulnerability-disclosure-policy

# Please take a moment to read the disclosure and scope policy linked above, to be sure
# the issue is in scope and not a false positive.

# NOTE: If the submission portal is down, you may use this alternative point:
Contact: mailto:security@zivver.com

# Please use Zivver Secure Email for encrypted communication:
Encryption: https://app.zivver.com/

# Thanks for helping keep Zivver secure! 🖤

Preferred-Languages: en
Hiring: https://workat.zivver.eu/
Expires: 2026-01-01T00:00:00+00:00