A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:security@fietsen.app
Expires: 2025-01-30T17:04:00.000Z
Encryption: https://fietsen.app/.well-known/fietsen.pubkey.txt
Canonical: https://fietsen.app/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQHJBAABCgAzFiEEyaahbLWzGJD9OZIlQI3PBP/K124FAmW5LFAVHHNlY3VyaXR5
QGZpZXRzZW4uYXBwAAoJEECNzwT/ytdudv8MAJlqM86ugASHR6u5G8s42dfhDoM3
WHWzYA/ke4cZtKeAomuHRklEt5JSZXW8K8nGfcWh4iiys/mcOM8oJF6SXBBN5rI2
xqQsTE25O6/5x9qYoM+k6s/xqNHnE1Q1A4xF+MdymcY8R8wjL8LegomArRxlvmrx
6jUvbbN2euoZFA6+btmsYzwvhJO6yhL7XiSeOXqXICV9Tmn8SQax+eQCmoRorf/B
vKlQrEmHpj/oD4fNOhAM7JFuGJqlAWa5BgmaAx6ccHM2YX3XOx11qjoFms/E2W+G
WsHXu3RC0CHC38yevHbeBBdoj/dLrEwj7TOuCf4Zyba4kk7Bt54fI1/foki/+aTT
Gvacw2xlnlQpiKSAjGKD+F/4bU6s/0yym3aU9viDL0QLHUhu1yVOQQJ85EExi61y
sjzLdc3uLQbKyQMgW2ZobTmaOOgkmnEhd+S/xIWcLFpjrSkw7hMN30SuGpTUiOBz
1d30i91vRhwkXd5rxJW5AANvKK6Ikk/+w21kTw==
=u+DJ
-----END PGP SIGNATURE-----