A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:security@noack-it.at
Expires: 2025-08-31T23:59:00.000Z
Preferred-Languages: de, en
Encryption: https://noack-it.at/.well-known/pgp-key.txt
Canonical: https://noack-it.at/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQGzBAEBCgAdFiEE0sdJs5hbYY5xs8raYhASDInip20FAmbfJ/QACgkQYhASDIni
p21iYAv/RV/WjlXyT8TEiSLswlWgR7DGID+U3ajBhQgsnGbyhZe9URY6yYn9qs3R
5tn71Ja/qHocgfwh3xyZyZxvPZ87gxQCwvW3bvNn1OQsPEehjg/YXIiUIXIumTa7
J2iAVgUrgxJ25xJ7DaWIDVXz1CQxYN3Dn5TZeSHrGp2NIsJpkVOhf2bZwhTIGnr7
tj2hUOER1q9LsFEIzSzTW3wTcOCg8p75MOgUuv3oZjrSzCRtWJQvonQwiyoHW6gW
fdnDh2IXrq/g9p66JlIujQJKfXbtr5Uxzag1l7SHeIduD7b/wUR0AJlN6KlqypGt
XGPnfmwU9h+ARRFuIso5H3kp5Kks6025o4f97UAf4ubpP3fQh+ETMZgZJFqatELQ
vFt7Cw0aD5dpAeXOG0hxkXDU1+bP4G54+f9FWuwvHrkCvlGwZ2FYPh6GGx/1y8bT
GhsXm0n2MbV9gCBvxV4HYiDIrboQQBREseyrf0/2Pk0JnQkwibQlz3XDZ5fg7IXe
USDMDGH4
=3luA
-----END PGP SIGNATURE-----