A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:mail@vincent-haupert.de
Contact: tel:+49-9161-875-83-23
Contact: https://threema.id/54K78E3P?text=
Encryption: https://vincent-haupert.de/age
Encryption: https://vincent-haupert.de/gpg
Preferred-Languages: de, en
Canonical: https://vincent-haupert.de/.well-known/security.txt
Hiring: mailto:mail@vincent-haupert.de
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEeBRY/J+I+lW78sLBqLYF6W+CtOQFAmCrXj4ACgkQqLYF6W+C
tOQn4BAAvs4sssurrA7AHzIgqmR766YfyJB+WnpdVVt3HM9mrHVUREKgn3uoLki1
poILXtnuOSjBs9HXsuOEU50+qR1raf5UoF8B19FX7xuRl5B9SrOrMFSd4PBAtu08
KbhivwBwesYx/phahVYPfv5asMsG2pSSaHo0Qp118G+TnaaagU4xE1FHLGnhBkHj
3fh0+tKWZzl98wgigtmPuI9BKnTl2xcNH+DhbTIyNZQvinK+b0Vn6WqQTPWOjqZ2
WSq+rXxZL2MvbjGMQ/Jbz2wWSg/QZz40Apj4qnrHRudpGNVJga7zx7aUjMYuVe/W
t636sP6H1+u3VDmfhnY7TUFy9dmnL0mOq+QvaiQC/VtKkp6oYytsSsd9fZhirEVj
1yH1vX+T/qZuxkGtymc6gRmEZyW8S4Ik3Ulvhivs5KntomeRbi/HbrOrlQrjr3qP
lqvXcqAu9xXeemPE2eWKz2lutpiDi8VFmFXat/9/2N4Ve1oQDBjArXv/EmoyFdZS
EItHuWLP0Yt7clZKJfUXFrp18hOL3a3dS0g7llGxe+EUOoDBg6H6uuobFWEV7Rr6
4f/F7J+MaIT8mlgvENxJbkZdzjr/obJu3i5dK+DmBwhuVVvaaxcGuDNkKkKfWleU
QkIZLM6Df1ANi0hFRQ+PT9nWDMuEP6HrSkIHoolKDDkJTb00Tek=
=I0ii
-----END PGP SIGNATURE-----