A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# Hackuity - reporting security vulnerabilities to Hackuity

Canonical: https://hackuity.io/.well-known/security.txt

# /!\ WARNING /!\
#
# This file does not grant you any rights to perform security
# assessments on our assets.
#
# That being said, feel free to report any vulnerability you stumble upon.
#
# Do not include any sensitive information in your initial message,
# we will provide a secure communication method in our reply to you.

Contact: mailto:security@hackuity.io
Preferred-Languages: en, fr

# We are likely to be recruiting security professionals!
Hiring: https://hackuity.io/jobs

# Please see https://securitytxt.org/ for details
# of the specification of this file

# Thank you! :-)