A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: eduard.barnas@codea.eu
Encryption: https://codea.eu/pgp-public-key.asc
Preferred-Languages: sk,cz,en
Canonical: https://www.vlm.sk/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEdW2CZUQTke9QpjhZ6guqnkVxHesFAl5EA9wACgkQ6guqnkVx
HeuLLQ/+JPYlJ1B2El+e60CPwEQ/GSiDyVZtWGMlo8hSt/Dp554YrUo7XV+55V6C
r82hv/DPJtXHVNFkcskmuXivGbjyukOGUvKcKopT4+lgauU9N09kV2JeN0GeJLDC
gL2U+hYbx2EcYWYSwvVx76SFPb+Hr+8hglSYdf3CWYX+fd8PmjGYbZJJZvOhLW/F
WO4J5b/mra9PHPwdCiM7bBcDE5HyjN1Yk6dyvDeXGBWknGqHosaNIjFS56szqlVz
MWXtM/fr9QYytDrw0EA6MdGfQxAs5aKv9AKUB34wc3MU/3O2CfTD/Eicoj78caU6
rxpWMHPkoh6bnFR5ccPazlFhJq1Gl/2hRAh9AEKhdk5fYaS0Dz5QnuZBzxu6s0Du
CViSFEn2O2xgCC/FpwV8Yu+a60xm4EMWHiwMIC0Wd66d9QEp08750biMuv8cqQ4t
SsOzqJWd5+HYEElQ5cJRYNlIIJX9xVPwSrF7Y9PYB5dqGav/Z97u87Qz8rHBjGrX
cHI5oHZjCeHoJwdr+MjdnZCjqHpenQ4T2clDTvNK6uJQVMzc+JLLr8SZReSAZnKE
dxnVANCRFzCnoq6vqX4/KZO1o8+BMJwh5yfy6rAbSwEPDBn8jDH+pS4S7cDMbDI2
WZrF5z0/Ren8eyXyExPyPEsBbE/YofwhFqtACWJs6nHQU4VEZDQ=
=yECn
-----END PGP SIGNATURE-----