A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
# If you have discovered a technical vulnerability in an IT system of the Swiss Post, # you can inform us via the listed email address. # If you are interested in participating in the Swiss Post bug bounty programme you can find out more here: # https://www.post.ch/en/about-us/responsibility/swiss-post-bug-bounty # In case you do not want to register on the Bug Bounty platform, or your finding is "out of scope", # please go here: https://vdp.post.ch/p/Information-Security Contact: mailto:security@post.ch Expires: 2028-02-19T12:29:19.000Z Preferred-Languages: en, fr, de, it Policy: https://vdp.post.ch/p/Information-Security
This policy crawled by Onyphe on the 2021-07-06 is sorted as securitytxt.
FireBounty © 2015-2024