A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Canonical: https://vlktomas.cz/security.txt
Contact: https://vlktomas.cz
Encryption: https://vlktomas.cz/key.asc
Preferred-Languages: cs, en

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEER+Rp/czKkVl3ekNQSauw4LpTeyUFAmANvQUACgkQSauw4LpT
eyVIFQ//VBZ6GEqX+KmAhYM0S8ZVxBY6kk1aKw3P7FELZuoWhVDK2qqt6ylG9Jew
k5Gfhc3WLa3SwZQp3+NLjAQPRqtq/79ZsyBbWdUx+kexYK7Bk9BS2YXuC16TJr3W
PU9x+3p4nurKs3Rd9jHed/X6UbOBhBYVrBB6X6S8iJYdFB90PUgEi2kiYJRkkDnY
3rMvYzAGc/5eSTUwQ7QTMq41bAus+coSMvtcDYqu9u7/VATZxpk5x01GwQVm53+o
8IF7oYVCKEdJUHVURCg1WWU7myVSmVOij9XhJeGVWl7A1gvzbYHEMg+AVUswD8Pj
xIbDSnxqnV6Dc6AjDkwof1EtPDqniSl7bh+qhbhaaoOo5fGOEJgRZwkF5gVvDKpC
TvOd6KzbhVHEO6hg/yhEvW7wrvTZ6qQx9VSQsPtEyPr/geUUY+O9YqSP21MdsD4j
ZBmMkq3CLSwY7goOSO6p2QukJZ2nzkzbFNF3tvEoD2U5UHfYd20uyOMbstJMfB5X
ioC4CFuf4Aw/pSLg44sy/RPeLs4RHGO+fmBLBy46DPWM00Bv1XhiG+LSnxGJDEg4
oUXQvT0k6fWJaOJsQ5xSpBCuyszGkSgHKeo1grp7u0T2Z+XMucqO/QBlzw8HsSmj
vnoTggSJddMbNn+r9UKmvG0nUIUeu95AEZijso8fex4ve3RowwE=
=PqDl
-----END PGP SIGNATURE-----