A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

# Did you find security issue on benvenuti.com website?
# You may send us report using information below
Canonical: https://benvenuti.com/.well-known/security.txt
Contact: mailto:levi@benvenuti.ro
Encryption: https://leventebirta.keybase.pub/levi_benvenuti_pubkey.txt
Preferred-Languages: en, ro, hu
-----BEGIN PGP SIGNATURE-----

iQIyBAEBCAAdFiEEujtIT5JPLBtcWz+o8CdlVuzlI3AFAmAllegACgkQ8CdlVuzl
I3BoLw/4zai1eYTFvvCUzxRouM8lnGVYpGYdHIaihNSgTfE1E0CLQmh+ixGj+WCT
cvkiyOaX8zoYNivK40UzA++uqs0kgc8dSwpBz06VfA+F0DQ+AtTJABZJ1T+SFrtH
2R74EPmr+SAKy+FAglU7+3rwsnGWv5tyEgeM1zN5RQqMTXe+dvAc6f9T3vZSGsYG
KF0l9hcOl7vvc8s0TXTRNw/rQtMslxdh9EMmdT7fYo34WPsn0wMD13OJ/eeVZmjV
Mm1GhuodGQOTX8gdX9z7PJnU8i2QOFipttwsBE5qrZar5jfpvXNPA2MkDl/x+qgq
SMbwz9WOoob03zaD1IJNjm/AeIQ/RGlhW5xfY3N9zKuIfkl2/vKfe/UD/zWOevdS
TytHxjxuBEpBr4ZUqOL5RBXJ4UaCDSHqRR7Kx39aOTOlH5R0HgBCcELJDV7nkIvW
sm49C6fbVuiNCXDmVQ/vJlleEyFC9eXh2lWzOm5ep47Rcm2+oTqe59VPcn6UEJKc
xMhRoxPfBrDlo9mFf72NSYvqtGOqpdWecfxXJQ9nAFU4JzQ78FNwLF/nmf9yjCTx
tcOXB04STnq+IdSDRUzok513tXdAs8cvAgDXN7VjmP/vv9ZWYU4cR8EsTknTpF8P
4I1P8qfEcisFosaimwxBRTTm9it5q20DnLWNX0Bplw6DYCYe7Q==
=0vj3
-----END PGP SIGNATURE-----