A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Contact: mailto:matt@domsch.com Encryption: https://domsch.com/8E2D8B9B.pub.txt Preferred-Languages: en Canonical: https://domsch.com/.well-known/security.txt -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEUc3VEWOk+TkwNXO/3tn7nNHjOT0FAl+POwkACgkQ3tn7nNHj OT2g6w//dfA+XZR8h16K9uiS2lB/UZ6WOX4EzefxAYsr8o3GT88uOMuGaYgy/rOT 18t9MWeDOtKorLb3+nTT9deXYSFIta9TmtfCSizAhD5fDtIWhhkDjf7V/39ErHrv Ro0USgwLvQtRzkE8r5mXQfG/xAd3ue1XKtrhJvycGUCGiteF9WIwQPzw+Ij6ejIf 5flBazWvF3Fxtn1zVo314XASDxWUIHgw1tFb0Pnych8/lDnIn5TKzmfc2/jTNUtv 1+rk2Yu8XNIcg3uaAviwhmuDEk29oAXFbkD2HFGMGgOyXyzj7veT11jQFUvR5tqV o6QSANWOpOltnED1zu7ULGw4oMYX+9o8sSM4Htmk46sEcOdk0bkoJ7FFUS+Fm8TU oIKzEEaO7LOGZU5kwCVnGbRZ+3XsH8+JVzghQPfGftlxJ48aRFV/iVXRgL3Uy4Ip CrLszFQYb/VQp357lhE7IOZFfVugvYf8ZwbzxGE+2X9cupY1+e7l7WA9TmvfKVQT vT02NacDrQ9ZWhLSbofCDbkxrnYy7/zchZRL8RsdxV1uGFbhCB90IMvC7R0HLJ0q mv3m+DduQT1KVEx89tQg7Tjd4hljHx488iUJS8h9hAbNzJwFPtoX2POpZUYwk7xH BEocN1jBlHRy3UYDcTpBnJQ67LnFr/M1L+OVraApoHCVa1pMjZ0= =iLYk -----END PGP SIGNATURE-----
This policy crawled by Onyphe on the 2021-04-06 is sorted as securitytxt.
FireBounty © 2015-2024