A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: https://boumen.eu
Expires: 2025-12-31T23:59:00.000Z
Canonical: https://boumen.eu/.well-known/security.txt
Encryption: https://boumen.eu/key.asc
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEXnfIFqhFqyGzWrIACmrRew5vrQoFAmdPWJ0ACgkQCmrRew5v
rQr6yxAAm3K4o90FkEvOCXdPyKBixYG9/TU56XYZKmd3EbJlL7S/H8K7PIBtVfXs
bSt1I6ApYcpuuCPmtR+g+NBtLJB7uJPuTJ/5eGofKtUmaruei/IvVP9UHiUNu+/7
QSR0qQW2AUK4IGbSIjNzlkW9jiyFgl7Egxl5F7xD8ycoYSQc3M2sr87EN23bx0BC
cv/VmK8vwdx3eMW6XGGiR5fro4bOFBNM3N7jruAAJbsFURsCutbWFm+ELZHdn4Vl
yVMMXzb/gpxDOgqIrVFQrmxRrIaYtrYiJ16zYEIA7VIrsX8yT1IgUtpBqSPlNjch
+Mx+ayF6D3TPiNFo4ZmkvQXToaVEQrcS4BFMOCijd2IYPMxqrgcNcjH6Ptpqe0ut
po6URcV9xGZmBjKX4x2yuYwHFVAQC1ID13JcXloRiCdkRkc95Eo8pdGXIBppIip9
Z1Cs50RNLnzLP9hYjbjW3vtAAqQYovuX37k8XzKMRUq4aOW+emfylVkfJIWuhrnN
OjsKJqcdtaJhbj3sELgOAXYmVtlNB2hzxDbzRvukoAAkdlDzKJn54f4N4y5EXfco
3TvF9X9cs2rL4KC03nMLVMxtbojfPT5MNWG5KScz9fty3MWiJQDYSFUVgWYHdCk9
9H2qY7G1DChpsfjFVUADsCdwBjPtsbkgfhsG/qsev2DvMl+z6xo=
=97eI
-----END PGP SIGNATURE-----