A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

# KanAPI security contact and policy

# Our security contact channels
Contact: mailto:security@kanapi.dev

# Our PGP key
Encryption: https://kanapi.dev/pgp-key.txt

# Link to our vulnerability disclosure policy
Policy: https://kanapi.dev/disclosure

# Languages that our team speaks and understands
Preferred-Languages: en-US
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEK/MaEs7SNSLPnRcbqtwuHswcxJEFAmZ8XSMACgkQqtwuHswc
xJExGQ//Y85OWOpKxM3TKmCgkA+duxF1yn4HoNP4jLTAxT9FaCUqdpMMxp3/4J3R
4G/3le483AOYeA/yDkynLP3goImBbRp5EYtM9YlmbbrUcAO88jA4BrRGEgIyQSfJ
xrRUvuByHVwdA/zNAbaj/N2LsZDtlz9kqoRZjpc8bElMDYHHyBsGTcbg9IUWcuzQ
bzcP8b4SjoXJfqEg7EF2XB6TPt58+WXagBsEfNMBSp2ekTJEpvCqnzn+yEY9s5xr
250q7ke/KEY4A+WeKrgTOhn0/qL6lVSqaGFUiB3ZrO1gzCc2v3XLpQ29vCRIBeBj
ZBwvMe4+xVM+sKwyIfmcQh5urFnwnVaf2tO26JT5XXinkZdNcrgl9lKPxlAzZ0AI
i/8NTSzzRxggiCjG8ZDlvDA/sifJNvBZNnQE3AIK3rQHma87YopCf0QK57zYPCk0
OCulbIcgyjRUc0MRWnq1OIA6ka6LlD+2iJn1nuJG8WhEnj5GR2zm4ua6TqK69MJB
4qs8JztGLPFeXrAsvTn6kctPGgr+WMRTQLFf0TDEmYxUaNz95J4JMLt2xk8FMR0x
qt+ZzQ7VHNR46Ux2ROhf22KY7/ERXvnJl9yEMPija7XunFBcCkYe4n1rzVKDd2S6
D0chYxrLbMuJ8cBpPNHGyGxOe6bvzOOgoiXyGlG9gAJ6HB3PyxE=
=KYpL
-----END PGP SIGNATURE-----