A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Contact: mailto:security@dhis2.org Expires: 2026-01-01T00:00:00.000Z Encryption: openpgp4fpr:8c877f2dc81f1f0e9679eab7c615498443a71079 Preferred-Languages: en Canonical: https://dhis2.org/.well-known/security.txt Acknowledgments: https://dhis2.org/trust/hall-of-fame Policy: https://dhis2.org/trust/vulnerability-policy Hiring: https://dhis2.org/careers -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEjId/LcgfHw6Weeq3xhVJhEOnEHkFAmSdhGYACgkQxhVJhEOn EHkndQ/+NtYYT/tpU+vRIaiebIZsx6bDsad6YV+2sgOaxDvOwTuzUOeRaQ54dtk3 VD8azFW/wBqfFQEphEvvDIUyijrIHHwAKF6GkB4mVSxuxdP48z4/GlWx6WI6hro4 lRVVAfb4LBXh4AoKjpYADJrY5F9l2MFRHMOiKR1+UTUk4veOl2RXH6q6y6Zcww0Y ZBOoi5o/X0TkjHneolkQgFS2UberiGfWFm7upRqu2J51K7phUOzClwlysYz22iWI Xqyi08oJvMc34OM4JGdQHRVHbrOuU7ZfuIYR2LwX5lLqN5+rhe/f0w06mt7LVO6O hvPW4gLgkRgyXNRi1iljFyBF50bjTyHjLCory/2SYlqRA8TlM0h8+sG0lNf6Uckf Ql0SbRf4OH4slaLagk2S+VWgC65yn9dyU3WdAlJgZuY1Gd2atsCMDPmLbWrk4YVM eT5U+vZZhnjmy0GAzu+HbpEK7QAGrVhQW6yPamSm7Y3ljGpVmgvRBJKBddjqYLzN 7LhNMDChmGGgu40XqFL/kupXKtZkW5EsW/XgzM4YMT/QDG7rZNso6yl36sWDYCSM 7D0Ta9VYk9sXim+wBKgqRnxVm/6zN1fHQdi8w5tblsHg3owqIVOlOC/4qhinlbZX dU0gvWzF8fpqHCurQ2CHdbyYATtEvAOOTgdbFsmyagTEM1IJdsU= =UCnT -----END PGP SIGNATURE-----
This policy crawled by Onyphe on the 2021-06-04 is sorted as securitytxt.
FireBounty © 2015-2024