A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: https://federacy.com/level365
Contact: mailto:security@level365.com

Encryption: https://www.level365.com/gpg/security-at-level365-pubkey-2FA5F620.txt

Preferred-Languages: en

Canonical: https://www.level365.com/.well-known/security.txt

Policy: https://federacy.com/level365

-----BEGIN PGP SIGNATURE-----

iQJKBAEBCAA0FiEEEvDkgv+SQkWGXzI2w7561C+l9iAFAmD0UTQWHHNlY3VyaXR5
QGxldmVsMzY1LmNvbQAKCRDDvnrUL6X2IMp6EACNw/ddDlKdIuzrOm2WA7SMeRNu
55seU9jcwhN0tpxLLH26JudqPJEtz0NtBaTUoW6fRooAgJi/d1HZWdT9pNW9QZww
PV0npryxmAwnulL799mr7sj97eG3Qauy99Ys4so0BTnc20o9x+8S7DKpqqZlQoLY
cjXtEK6Sj66K8AUPMUlFZSPP4D/UCuJU+gYWkt58LegpJvfEktuXNiriRUnAMJbq
bFomVXDqI5GK1rluOCdB/oLN2IaNupkURxk5UuNj0pBAX+wyf7GvW9pTvFS0JxAL
wKUlJGrGkpr1dtaKdwzqDOpCVOdwBJUhw9GA/JAt1CSEajltPhramMLH4ohGSSQq
fuw7lC09zAdd3euArE2d/jyMSWekHOT7JDkh5BjqTnVjMr5NGRkwYxHdE1yLQzyv
7A1pgLf7U1FDayJtDNYySN9Qv2WFo9nBj3kFSS/EKDbSQiwpeGTGoS5qYsuTya4q
Ev6XSe+p4JZgHhBWPKsc+YzNVWl3GXbMC0/nKb8sB2XtWYz5R4IyDbUDLfX1qM8a
CT7U9i8fypoEOC0SHXYbM0h9CXkwrvXxTcUJzow0QwphyAH3om8TWjv+bdWkW9lA
CvhrxTcTZj84kX3ARwjBLcb72dXO5LJWuWKxFcdADNIrfYPcS2zmRFCt+jARW6fq
zfV8wfKe8w+wQwfnug==
=5V/U
-----END PGP SIGNATURE-----