A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# security.txt

# This file provides contact details for security researchers to report vulnerabilities.



# Contact web form for reporting security issues

Contact: https://bugcrowd.com/engagements/keepersecurity



# Acknowledgement page for researchers

Acknowledgements: https://bugcrowd.com/engagements/keepersecurity/hall_of_fames



# Security policy and guidelines

Policy: https://keepersecurity.com/security.html



# Preferred reporting format

Preferred-Languages: en



# Hiring page for security-related jobs

Hiring: https://apply.workable.com/keepersecurity/



# Canonical location of this security.txt file

Canonical: https://keepersecurity.com/.well-known/security.txt

Canonical: https://www.keepersecurity.com/.well-known/security.txt



# Expiry date of this file

Expires: 2026-12-31T23:59:59Z