A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

# Please report security related issues to Karl Emil Nikka, founder of 
# Nikka Systems. Due to the company's size, we cannot offer bug-bounties. 
# We will however happily write about your findings to help other website 
# administrators fix similar issues. Please contact Karl Emil Nikka using 
# Signal (+46735181000) or encrypted e-mail (security@nikkasystems.com). 

Contact: mailto:security@nikkasystems.com
Encryption: https://nikkasystems.com/wp-content/uploads/ns-content/pgp/security.asc
Preferred-Languages: en, sv, da
Canonical: https://nikkasystems.com/.well-known/security.txt

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEvrq/cXBNa0SGW5NemTDIZOq18EoFAl/M0mQACgkQmTDIZOq1
8EpdOBAAmRzuM7ggpunK1yxu+631ksqXBRHIxpiK+7kKjPu2MLbODCt+URtbWTVZ
R3QzGZi1K9PDRteAfqSfbfHzuen8qpZnCIMh5Q2qkI0eJCdrLlRx3UvKzUdXNmfF
ebdfbt5744Wovx+enyeJt0DJnHOqgXMi/SQOS1toO4/afokkqL74gropnO917hIU
WZ+milmNVFKPkHGPL3hVxndGRMjki0qEog6lMckRtXHAP4DUj3+VmEL8Gz2nQu6P
SfYGcAMWEHmx6v1PCB8+DCE+rSLpW4odGVsTbmUNc1vbFrQSzPGejs/LVm2regLp
21YQzEjq2QgPG6jQ7t8Z7hAMVKB47d15jQToXVIu/HfQ3FmYP89lKP7oZ6zbaJqq
QLbl8kha7KUaufWZTBharIwfCqMzBuENcLOTC0ECBzdNs5btUy7b9A6dsvkQ2vBA
UP7v0ujTt8DtCZx7b6o2lL0mSkI/keQ1DUTSrD5HJObAnnTCCRKqi49mkI4G1da7
eTnIBlETOOKK6fv2UiBTWB5twmx+VEWTKRz4NRMO6GC9n6H0NXvmlwHCM98eY5YB
uLwzZYF4kTJG7Q8HY6FVRcpNI3LhaXx8Np/48r9dCRVDRUYruoFNT7ru2vNCUTKt
bE8hHQeQShcCYFuE+RQdf2n0dj3sxJ5kqis7Q8GMAbZgrUBKGEA=
=+1z+
-----END PGP SIGNATURE-----