A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@debricked.com

Encryption: https://debricked.com/.well-known/pgp_pubkey.asc

Acknowledgments: https://debricked.com/security-hall-of-fame/

Preferred-Languages: en, sv

Canonical: https://debricked.com/.well-known/security.txt

Policy: https://debricked.com/report-a-vulnerability/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEF1ceBqplfSguNnWj/pWrQZ2XeV0FAmAv0poACgkQ/pWrQZ2X
eV0J8w//R+0kyV0h60FEhDQ9QAhbXZBREhf8H+t6Afo0BF5VtWgidwBm8s2YFy7h
9IrD5hIv5xp4/m/Fnpt/VsQmQ3bPh0Cpb2hMlLwkTtoKvG3vdHPn9oGMc2kpIPx+
y80bRaeN/b6DN7xQJuXL1ExHx2+l0LJqKizLZo+t38YraUr94op2rloaNpwuCTei
0dSZScWfaBtqxiSeIMT7/GUqdaLlyHVUkXpSOgCZyzlfYoFhcjg/akppn2GMF0I7
+dcoBO/9NJaBCJr4dapB25IStrnDd1UEAmk6REnNedyXHJA4WCBNTwLocmzx87KY
4Xh6omUizOBeZTX9GP5ck1Z06cq/yCCnVhWXeR6h5ekYUxg+NBhzUIN9AoGL9joY
vTGGchSsFbNAZd9dhTw5cHV8gxnoYeKPcAPIs3A86QmxQ+3ATTLmSy3aIeCdN0IL
YuurB1cip1uAHlpEXXtW51/6nNcQHPrq79AXAICYe3waz7XtzjVA+iHwMIAzWLAU
kunhMHwVUQ2AjGzEYct7X4aZohBtVaBQr1oaEZ9C66/SPzCYFtcXGo0keDPqX8EW
kiJ71T0F73df4EzeMAZHpA9CAD7+YPiy5dxjkYuVHZyQPx5POm38k6jPuRrylERi
krLm3bw9wXWlHy4JoS/iDxSONOOiSIDwQRwvK/82z9rpa/SkoPg=
=cc17
-----END PGP SIGNATURE-----