A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

Contact: security@platform.sh
Expires: 2099-12-31T00:00:00.000Z
Policy: https://platform.sh/trust-center/security/responsible-disclosure/
Preferred-Languages: en
Canonical: https://platform.sh/.well-known/security.txt
Hiring: https://platform.sh/company/careers/
Hall-Of-Fame Acknowledgments:
    Ariel Rachamim: Subdomain Takeover
    Nikhil Kumar: Profile Image
    Nauman Khan: Subdomain Takeover
    Hasan Limon: Token Misconfiguration
    Aviv Keller: Workflow Misconfiguration
    Musab Khan: Open Redirect Vulnerability + XSS
    Faizan Nasir: Account Takeover
    Akif Ali Khan: CAPTCHA Bypass & Email Flooding Abuse
    ola0: Open Redirect