A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@lupia.eu

Expires: Wed, 31 Dec 2025 23:59 +0100

Encryption: https://lupia.eu/.well-known/pgp-security.asc

Preferred-Languages: de, en

Canonical: https://lupia.eu/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQJGBAEBCAAwFiEEvxjEDwZcqepVMbKRmGCBMqvs65oFAmBOl9YSHHNlY3VyaXR5
QGx1cGlhLmV1AAoJEJhggTKr7OuahnQQAJhg4P5qK8Xx8mTdesmv7bw/Ap0OyTX8
+XVsvZBr1tnjPNle7PCe1AJKowMh1a4QU61YIbq2TTvbF9/YwibpIyF83u7H0cYd
LXZfX7p9q5StFiBTfc+Pp7EwmDZqguL3UlxJN/9wLeKqmHnEzNREksKYsxun+nJ6
2/kU2L2ALJNwPn62aE0rfcCFjPKD1+N16T5SFppIkCW1o3Or5WKwWQNV7ypPuCSw
460e3zlwRFDg0LlS94qdPlpXxaH4ThkkIBGfmuc8q5pdqmH+8DDVcELDp6N98JnD
2QEDW4aRw043iZvcPhLxlt4ma2WBE6mnxQJpka6sD/6howEOep47vIqH5rqD7weu
60VINzmXD5PLWeTdtYafIOyK3Blhc2/sjr4VyKKdimtggX/7VQWt86M6bGyLrGwi
PbtkwbWt6wjiX+XLYrAOl1KyJFCcXu5z2PtJBdo65ifLPVCh0mxaEsGbm6pyrdxW
lm08WXh/NnoUeyKChRbK6nTEthHrb3dolVTnxIUOxedmf+gwxbTuWPnZ/4hCGDhS
FCdIXMbBjELv+ox/n5jrCGzlIA708EaQjzKBVO3uQrXC8qMkjozYsVLvo+h5+FBj
i32vGm4H5tprqorSNaW+bzvpan34x2Ft1Sw8bRFry+S0jmzZqt5aZUS5qPGY2DQB
sPgPLjF8EIDD
=4h71
-----END PGP SIGNATURE-----