A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Canonical: https://itrelation.dk/.well-known/security.txt # General security concerns or findings, please contact Contact: mailto:security@itrelation.dk # Encrypted enquiries etc. in accordance with https://itrelation.dk/rfc2350.txt, please contact Contact: mailto:cdc-csirt@itrelation.dk # Our OpenPGP key Encryption: https://itrelation.dk/pgp-cdc-csirt.asc Preferred-Languages: en Expires: 2024-12-15T12:00:00.000Z -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQSLNtTmOGG5heCzV23zdyDKlIZyMwUCZRv4sgAKCRDzdyDKlIZy M5rcAP0a2BzOXkbH+xeVIAOtLLtBPrmyK9yK5LUdg3W8uJ+9CAD5AeeCXhi2hWxK meWsUN3t+vi4xEyY90Ug1nTxa7srRgw= =g7P1 -----END PGP SIGNATURE-----
This policy crawled by Onyphe on the 2021-07-02 is sorted as securitytxt.
FireBounty © 2015-2024