A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

# $Id: security.txt,v 1.1 2024/05/18 13:50:43 jeff Exp jeff $

# Contact us about the flaw
Contact: https://www.lightspeed.com.sg/contact-us/
Contact: mailto:security@lightspeed.com.sg

Canonical: https://lightspeed.com.sg/.well-known/security.txt

# Our encryption key
Encryption: https://www.lightspeed.com.sg/gpg-public-key.txt

# Look at our security policy
Policy: https://www.lightspeed.com.sg/privacy-policy/

Preferred-Languages: en
Expires: 2025-05-17T14:35:24Z
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE2tUawd05IPaQ6K0PPGAfd27CL5sFAmZIvLAACgkQPGAfd27C
L5ty2w/+NtK/cBKPO9U42O4zsgt2hb54nSqJRtDKzfndmoBQhSxV+yz+NnrxiE59
XHNK4FYjJH6xBXyEH88L/Qdiu+C0s+DYivCQOZGzxFQk8E2U7UEM7DYm+K8hOCQR
s0qHEGHTOKybmwwM1nJPnAbD4g1X7znhwcD+YoNO91TBe4TcQk3AquNb5p4JPXYu
ea5SthId8TtKtahXgwmictAmjk+dJ/c74SM3xcKHXjFq+2+djHxYVvET4cPu+OmX
Myeo1dOZVsK7hY2AE8wJ2d3rZ5bavUhEZZv/EAH2KFvMfQ6u9574Zy066eqvA/VN
nZSCtr9diciU5CsxDaK+ZjnyESkd25iWoeKsRJHS3Z60PnPgEtPL81Wr3Gdns7HU
H/jauDu3RQA9hee37mPc6UFcIB2/HSob1FycsfAEe9zhwkRQSfbHYHK0p+QjhZD1
T/EZAeUpnURhPkCAIoOCHjWwDDKuGCO6z9bbZqK1LqA/sdum+R8p98tikeVrI1ro
CM3hXtSu/wXMeV2Wt51vcLcnCCkqEcQTkIQg2CUUsqEpqGGFxnJIy27/TmWjetFg
vMoa6kio48ssaHRafbybF4rOkLFrScvt7rTnmB5QfrIocJz+2wb6svJ3qW2m+5g9
lvEFuJ9fKFYJumW3ZAuSUsHdTKD8Gu7oLgutm49urLD5XRg74SE=
=hLWp
-----END PGP SIGNATURE-----