A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Contact: mailto:admin@dasscrumteam.com
Encryption: https://www.dasscrumteam.com/.well-known/key.asc
Preferred-Languages: de,en
Canonical: https://www.dasscrumteam.com/.well-known/security.txt

-----BEGIN PGP SIGNATURE-----

iQIcBAEBAgAGBQJc3qkZAAoJEMVZN8DVa3TzXckQAKhkrIryxUEPoYB8piWRt76t
INDbxeN48F3rt55NMypjwZhKHja8vgN7k4OHe57g3xiwg5xh5ee86SelwAd7Yvhl
h2POaOEKRBwVoPnLeChfBzOwHANzqTrJUH7f4EEInjzEt/VdNzrIQYVQIlz4BQrh
XGhfaLuOrE/qaFptMH+hyFqIo7AUFs8+08xg9yGwTUwFjQ8CtgC5FuJgX79xcHjq
sK2W+tRrPY84ztnQkuMIuXEUwvjNHwk1Eu+n/+o7+BRtv0O8n+/mI7iM0E4T2hZY
G9pTomEiYyt2VQYEjFL7P/2lXCwx8A9XW4DHoTXGYCysGA2OFQIfKd399IQLYBrG
e8t8E+UA3kkmN26e0/SADKvWh2ISgCq9B6CYnnhk4IpfnXrJH+/jY6VEzZdLfNcD
SzF2Tg82MOfAGf61Sj7SiWeLMX0dWMVk/2e5Cs3lhM4QsKYTnLY1WDhH2tTQtA3d
7DqR0sZXH3Mf19hcPKgn47xKkddyBiAxQZhOl9I1F2oP+m88fIJiJHYDZyj8vIoc
weRwln13UbyD2IcsxsgV82mxM1KgoZY6gmsEbt+6TTPMHUwkL/JB6q/feg4TjTXp
tne+EYY2P8amPtKQoBhgXfqtYJwdFNWsjMaaJtRcfOiY9YZLFaTzKJwl6v+n7DEc
QNVRpE2bMij7J9ugJMWp
=njN5
-----END PGP SIGNATURE-----