A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256



Contact: mailto:security@cemas.io
Expires: 2025-02-01T23:58:59.000+01:00
Encryption: https://cemas.io/security@cemas.io.pubkey.asc
Preferred-Languages: de, en
Canonical: https://cemas.io/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----



iQIzBAEBCAAdFiEEqShJYYh/LEuJ5WAeMnwaNR0X/zwFAmXA9toACgkQMnwaNR0X

/zy+oA/+KFZq/HyhTwXEFrsryykCw2XZRiW17klqmfWTXox+TWHRFvB8dot+wlCo

Xa9MZyRRVdZXoNYfpgbUfKQ7oDSLr8eqXFLIcPCnT5XDigjoxjZqzQTMgOLRn7bO

bdqxYLkrJU11m0DHdubIqYpmLCpAlnEGNbHfkBQWf9lmhc+QjvUedghDDYi4eKbU

48UCdoXusKz8FarMZQwLEB/mo0lHYrUI1j29+LiQw1TrqSWyYMdoj/Bvl6iWxOBI

jumumJJt98oVv6Imb1Dg8NdLmvXuWYkZol0k8qZrcAQhHcD1XEcRgDOkI08paZFv

1eyllkHCl5WlRdGNhRFbJz9JJkOTqqEheKI5KgYeSBvS9/YhCm7RpBHs2C4TteT1

HHe10rvr/oYjAC+XdohqwEUQH59f9Kd4G6jQfpJcPz97HmvUi8NTf5P8dfCb/adT

kF6C8oLeJvHgO3nX8yaKKeAJLwHklSUQvyzv5nam4cWZZlMtjaWNNxs3VPhwBS3T

mv/Eq9n7BHfb2YmREZuvZKYvJ2TKl8L54//K8ow/4BLOUws1g95Dij35znuW4JmM

O+ECEkvyYXOIsZ66uoGIYw2YTCRPzwbxpdCV9vgOooJSOOrUBhv3yyKr1ncwVMw5

iA1hKEKRfQKq95vnBs+L7DDl0pDO1oWxrjDYl1vZTJfN+KOtKU0=

=vDgq

-----END PGP SIGNATURE-----