A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
# We partner with BugCrowd for our bug bounty program, and to handle responsible disclosures. # The bounty program is currently invite-only. Stay tuned for more information: we plan to expand the scope and make it public. # If you wish to report a security issue to us (outside of the bug bounty process) Contact: firstname.lastname@example.org # For other inquiries Contact: email@example.com Hiring: https://aircall.io/careers/ Canonical: https://aircall.io/.well-known/security.txt Expires: Wed, 30 Jun 2021 23:59:00 +0000
This policy crawled by Onyphe on the 2021-04-08 is sorted as securitytxt.