A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:soc@valtori.fi
Expires: 2024-01-31T00:00:00.000Z
Encryption: https://www.valtori.fi/.well-known/soc_publickey.txt
Preferred-Languages: fi, sv, en
Canonical: https://www.valtori.fi/.well-known/security.txt
Hiring: https://valtori.fi/meille-toihin
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEboaOGKBry+nX1J5MJmDjE0tNWXYFAmPFXUcACgkQJmDjE0tN
WXbz5w//UexK29Q98VP8Lo/mvOkTPrYgPHm1DCUbAhl6zkhKyHgUboGBgEbpDzRp
4+zymIOo/bMwxRl2T0Z+qAgGvbM8OC/gM7cOIbERpmlnI83RLjh1hEeAlsjkOHwp
8pUY7oKSLxm5B73jDqDMyM0GLSovu4bRDuqIz36Ltfr922p/uoIiMg3YTicEwzly
Ewv1fzPfyA1WO39g9kXq5oxotnYY7WQuTknYBERomob2CSaibvR4LWOWiMw3+lVO
Yv2qKOZvVjlpoofRNryIrLLDvFIQyoWY7TzFgSblMteyPT5zAU2jAOqbyhiFQr3q
dqthb8M2cCxkN8gfwqJzfUIi00VqX1UOnj+XXtAWNwfvJrM+suLsG8U0U8BBa7oD
mQEDLsL6g/dV6lFScUkqDXyD9Pp9hQrBT+egtuCk3vSUqHm+LGNFUbNC0G50JGsJ
0O11QDHtFMwTlUz5IZ8xi7CXcwNIcQFayd2q5qdMQWrD0GFwOZDom4gMoOO41MmY
592e+Jrl6OzvM0KLTiNk1avpCydRyKF/FVaxDmBPPRZFjUpds9WJn2e8Z27t2PZp
3Dd9cErwaIUFWlvv9D5aSNZ/dA3uGeZB5wNx6szXkQ1y8h+TbXfb55iQxyfIDYdB
60HJl204gjbrx136rf1fqnEPg2zMDrGMknAs8GdwR8bxpYkOmfg=
=TPGt
-----END PGP SIGNATURE-----