A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

Contact: mailto:psirt@sick.de

Expires: 2024-10-14T00:00:00.000Z

Encryption: https://www.sick.com/.well-known/csaf/openpgp/CDD1CF41EC1D6F9A415BDB5C034F17E61BA3842D.asc

Acknowledgments: https://www.sick.com/de/en/sick-product-security-incident-response-team/sick-psirt-acknowledgments/w/psirt-acknowledgments/

Preferred-Languages: en, de

Canonical: https://www.sick.com/.well-known/security.txt

Policy: https://cdn.sick.com/media/content/hc8/h9b/9649321148446.pdf

CSAF: https://www.sick.com/.well-known/csaf/provider-metadata.json