A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

Contact: mailto:csirt@certainity.com
Expires: 2025-01-02T09:00:00.000Z
Encryption: http://certainity.com/.well-known/gpg.asc
Preferred-Languages: en, de
Canonical: https://certainity.com/.well-known/security.txt
-----BEGIN PGP MESSAGE-----

owGbwMvMwMWo2CojEii8hp9xzbMknuLU5NKizJJKvZKKkjSmk9XO+XklicklVgq5
iZk5JflWycWZRSUOyalFJYmZeSB1yfm5XK4VBZlFqcVWCkYGRqa6Boa6BkYhBpZW
BgZApGdgYBDF5ZqXXFRZUJKZn2elkFFSUmClr49qhr5eeWpOjm52Xn55nn56Qbpe
YnEyV0BRalpqUVFqiq5PYl56aWI6yI7UPB2FlFQu58S8/LzM5MQciIHF+E1E9hZX
J+NmFgZGLgZZMUWWM8qH36w/d2GWzAFdcVhAsDKBfM7AxSkAEzHg4GG4bsXJZvgr
v1/lzqLK/BxrS+3onf/CHiu+Ym9IZz/EkaWpe96qKuyhDPPVOkGD2n0tt1lmBXje
i+/Z/LQ5OFTmVP/kcMVJ1z9//m2pJRau53Nx9SnT+MN7PBY3fmOv2tr43L9E/qe1
hmLOanepqMoup3+NgpuFs12mqR8X0zrdVmXEaZj96VNc1XQHvmklKWsSdi4Tmi61
JYt9u6yI+SbFT+HbzLVWlcYorqlTumqVcjMsb1doTvacKb6cXNIsW34dkzBv2r/r
7bmJRzawzD8actHfJ2OtsouTXOOZIN6XTjLP3S9o5aoWccdKfN9Rpn3HnsnZ9RiX
iNiB3YdXvzGXnvs8+MOxFB6PXCEmjtsVk1xfrEv+73Z5ltzBorWFOnP/dl6//H/9
z3+dqisPOj+OEZFlmby7eXlTVU3N9VRrhxlHJUsFDcOv3tAyKmCaOjX+RF+Q7OUl
8sGniuO1t5wK75RvutBvP0HNPsUwyTFbtzt9o49sXe/DwOADt53d3BqdBSUXlyTF
JLpzL5OSu8IZshgA
=9sMf
-----END PGP MESSAGE-----