A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

#         .;''-.
#      .' |    `._
#     /`  ;       `'.
#   .'     \         \
#  ,'\|    `|         |
#  | -'_     \ `'.__,J
# ;'   `.     `'.__.'
# |      `"-.___ ,'
# '-,           /
# |.-`-.______-|
# }      __.--'L
# ;   _,-  _.-"`\         ___
# `7-;"   '  _,,--._  ,-'`__ `.
#  |/      ,'-     .7'.-"--.7 |        _.-'
#  ;     ,'      .' .'  .-. \/       .'
#   ;   /       / .'.-     ` |__   .'
#    \ |      .' /  |    \_)-   `'/   _.-'``
#     _,.--../ .'     \_) '`_      \'`
#   '`f-'``'.`\;;'    ''`  '-`      |
#      \`.__. ;;;,   )              /
#       `-._,|;;;,, /\            ,'
#        / /<_;;;;'   `-._    _,-'
#       | '- /;;;;;,      `t'` \.  You've poked and cajoled
#       `'-'`_.|,';;;,      '._/|  Found security gold!
#       ,_.-'  \ |;;;;;    `-._/   We thank you most confidently
#             / `;\ |;;;,  `"      For disclosing responsibly
#           .'     `'`\;;, /
#          '           ;;;'|
#              .--.    ;.:`\    _.--,
#             |    `'./;' _ '_.'     |
#              \_     `"7f `)       /
#              |`   _.-'`t-'`"-.,__.'
#              `'-'`/;;  | |   \ mx
#                  ;;;  ,' |    `
#                      /   '
#

Contact: abuse@dreamhost.com
Encryption: https://dreamhost.com/abuse.asc
Preferred-Languages: en
Canonical: https://www.dreamhost.com/.well-known/security.txt
Hiring: https://www.dreamhost.com/careers/