A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
# Our security address Contact: mailto:csawyer@yumaed.org Expires: 2026-12-31T00:00:00.000Z Encryption: https://www.compass-ed.org/.well-known/gpg-key.txt # Our security policy Policy: Do what's best for our users, please. We are a local government with few resources.
This policy crawled by Onyphe on the 2021-06-06 is sorted as securitytxt.
FireBounty © 2015-2024