A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
# How to report security vulnerabilities to VRT (Vlaamse Radio- en Televisieomroeporganisatie) # Report security vulnerabilities to this address. Please read our responsible disclosure policy # before researching and before reporting any security vulnerability. Contact: mailto:infosec@vrt.be # Please encrypt your message if it contains sensitive information Encryption: https://www.vrt.be/.well-known/infosec_at_vrt.be_pgp_pubkey.txt # Disclosure policy. Please read before researching and/or submitting. Policy: https://www.vrt.be/en/responsible-disclosure-policy-english-version/ # We recognize security researchers for their reports. With their permission, they will be listed # on this page. Acknowledgements: https://www.vrt.be/nl/info/responsible-disclosure-policy/responsible-disclosure-hall-of-fame/ # See https://securitytxt.org/ for the specification of the security.txt file format.
This policy crawled by Onyphe on the 2021-06-04 is sorted as securitytxt.
FireBounty © 2015-2024