A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Contact: mailto:roger@paranoidpenguin.net Encryption: https://blog.paranoidpenguin.net/pgp/ Canonical: https://paranoidpenguin.net/.well-known/security.txt -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEIpYMi0QWFt1UV613RuHSZIXWFosFAl7NZb8ACgkQRuHSZIXW FosBNQ//drFOgCOsolFV4Ncyt73tAkRP92sLGG2232YNN4VWOTk8B1R28KysxrvB cuWlDa1xAyO6waME12GCBX8SFRjCWAtLxSSkdY36zIfdp1AYyKWyhsN/686PZDU1 yI071OhK8NiFSHfAPq/As/xJJAY3WGcKUnwIwy7n3cuwx1DbuxVNKDfGbrcFfXIg YctM0g/1sy9n5LcHK5ehBKPfhO4rT0pXiu4fBvCovjRtYC+4F42deUf4z+tb9PKC BT2BaGru4nLA++pP4mjsapOxM30Fl+0Ku4iDDq+NfW0dAuwuPVJ1+xPPOT0ycmKs 4qIPd01s2O0jB14JSaFltAFkzMRtMXLfoN43uaDZ+/AchlPQdzsvMxcWzvdsIAio kdipxLu5mydA4KXfUmCRW0bQUonwWayx5Zk5cOItIM3D85Z2c2CmNsquUBHtoKY6 8VUwnE/NW7efyRSNAXHgeoGQUl6GhwtOWWRIXu4xLePm3znSWj/gI84DGKHFqnYE BixzNjzhgGFN0OsR8RZXQWo8hE2xR4O82nCJZvyuXldlAZZrBiqvtQ5vaPlkIVJe Waccv56qVhgIhEwLkLwYOswAld41ZJOlmzmc+4IGL+0r42gS2fXv5fZA+4AwnckB n78GEnGI44nfiGK8p3IHv2brHf0Dyk1mjYxfInRhPJIMr2BsxHU= =eP1Z -----END PGP SIGNATURE-----
This policy crawled by Onyphe on the 2021-08-06 is sorted as securitytxt.
FireBounty © 2015-2024