A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# We appreciate to be informed about potential security breaches.
# Please be aware that HELLA is not currently running a bug bounty program
# and no bug bounties can be provided.
# The mere presence of this "security.txt" file should not be interpreted as providing
# permission to do security testing against the hella.com domain and its subdomains,
# IP addresses or against other products and services provided by HELLA.

# Please select "Information Security" contact form under "Others concerns" section:
Contact: https://www.hella.com/en/Contact/Website-Press-Other-Concerns-837/

Preferred-Languages: en

# If you are interested in working at HELLA / FORVIA (including our cybersecurity and privacy teams), go to
Hiring: https://hella.csod.com/ux/ats/careersite/3/home?c=hella