A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Canonical: https://www.sap.com/.well-known/security.txt Contact: https://www.sap.com/report-a-vulnerability Expires: 2025-01-30T18:29:00.000Z -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEiCHMjtJPSyyKMzL0BBcbTPUvfCgFAmY7m3QACgkQBBcbTPUv fCjwVg/+LDO4nLhG6+vy2R4hUUrRTPKLcc9unMrgUceWy5gkUHwe/daiBPAQBA35 xn3Uvm0wz8Cpx+Sj2xsBoQ+c7EFuTsoCXHtU4c/7zsRgqHycwbcCWwh0ljZUdFPd dFA0qY50y5hagkesYStSMpHUW6mWjKXpi4Lgs4aAwFKH7xGVdM6F79tpRJYvNdvS NnbhKuhDpwbqfV+zp8CvMQnS/s5YMVnemw13sfMW8HiLmwFjWEHsjhrEoNOjqfp5 TzQSJkc2p3vgfHl/C0OmaoGcyGHVYNro5j+AvSs52kHkg29RE1B4zX9fkeUqAwHO 2scRPHUgZl6HJS9TsaSQY3hZl3gl5sylPSNesx1MGM5NKORbSJT9cmEU973LKwiY 3BSN0AA/iofCidCbSQikWA5h28Jboz+ITIGw5pgHRMMr/EZ/lclZgnBYOQshma+n iHj7TiaACS3RIJuBpeX/GGOHS6g/r79Go36uuWHfGUDekKD5P9lFT0tzMt9Yynhx w7JlhCtwi/UzVLDlc6VlYZcJwVYm/BuFwSsOSf2BpLP4jyZW1VU2mmNKNKv7583m jfBcW6ZQHd0wy//uzPXkf2y1ga0XaMPcLlRJV+tZXN8H+jGbVBAoCHgcohWHp0P+ vq13VXGesxcpHAITV55z7it++1fFDl25LsVTexErIInRnJ1V9os= =04OQ -----END PGP SIGNATURE-----
This policy crawled by Onyphe on the 2021-10-27 is sorted as securitytxt.
FireBounty © 2015-2024