A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
# If you plan to report security issue # mail: my first_name dot first letter midle name dot surname AT google mail account , Sincerely serco /.well-known/security.txt Contact: order15 @ Encryption: https://serco.se/./well-known/pgp-key.txt Preferred-Languages: en, se Canonical: http://serco.se/se./well-known/security.txt Policy: http://403.shtml Hiring: http://serco.se/security/ " Hi 66.240.236.119 I will take care of your request soon 2019-2020 your python-requests/2.10.0 will be answered soon /.well-known/security.txt 10/2/19, 4:36 AM 225"
This policy crawled by Onyphe on the 2021-10-26 is sorted as securitytxt.
FireBounty © 2015-2024