A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: tpzker@thepuzzlemaker.info
Encryption: https://thepuzzlemaker.info/public.asc
Preferred-Languages: en
Canonical: https://thepuzzlemaker.info/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQGzBAEBCAAdFiEEcJXCCpIkPbZRdwewlozZ1xyfu2wFAl6Hd/0ACgkQlozZ1xyf
u2y9kwv8D8Cgj8of6kcY5EghL+5sXR2DkFrnKaLH5Zyq+nJX+ttKOl8Cu9S/b8bv
QOPOBaLkwjXVqDy8JIfIYvbwAI49C0J//VC1jhmBVTOfgQmeuY7ALKbAWt4TYa9V
ug6RKxTtZhjdOerbVP5bhBxMXw9WAstwsG7pDGJPzm+umr8akc5Dj2mwKWAfvbWx
rgx0ldvgVkDf+gwqmhIsbkdvcF2+/wRg44ha6KER1RSlsrtAO9O8WGGnmBkbfVfb
yPQk2wAIv+XNt2azskyoCm5BJNHgAQEBYh7qL5KPkGz0GmJCw/oVhfMGOmACmvay
wY8xwdHss5y+6XH9UDHGDnQIo2qd0elKQpXDEq+XpC2mYNpN9fsJDvG8p2+MLlr2
4Yz1q7/L/Sf9OzPMZpH6Hxv0Dn3C48PJRNzUGBwF8aeacL9paXJ1UUQPeKmAWKnb
TDZA52/o51R7Mjurcol6bohwDVtC1QxcpBbnOp505YIorwQH8iqQ2M2lGWIDzASl
kOJfl67P
=amBL
-----END PGP SIGNATURE-----