A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
# Expires: Thu, 31 Dec 2020 23:59:59 -0000 Preferred-Languages: en # Guess what this will become in 2021. E-mails don't go missing: Contact: mailto:firstname.lastname@example.org
This policy crawled by Onyphe on the 2021-08-06 is sorted as securitytxt.