A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
# In scope targets In-scope: *.dailybits.be Rate-limit: 100 # Our security email address Contact: mailto:security@dailybits.be Contact: https://twitter.com/dailybits # Don't even think about contacting me for a beg bounty! No, it's not a typo, read on... # # I run this site for free. By all means, if you find an *actual* # security vulnerability then contact me and tell me what it is. But if # you've just run some automated tooling, found something trivial then reached out with the # expectation of cashing in, you're going to be disappointed.
This policy crawled by Onyphe on the 2021-04-05 is sorted as securitytxt.
FireBounty © 2015-2024