A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

# About this website: Anyone can easily create a homepage with https://bt-web.com/
# Date created: 2025-04-10T08:20:37+09:00
Contact: mailto:rfc9116_security_txt@bt-web.com
Expires: 2025-09-07T08:20:37+09:00
Encryption: https://bt-web.com/.well-known/pgp-key_h-company.cyou_20250410.txt
Encryption: https://btweb-demo.com/.well-known/pgp-key_h-company.cyou_20250410.txt
Encryption: https://btweb-demo2.jp/.well-known/pgp-key_h-company.cyou_20250410.txt
Preferred-Languages: ja, en, zh
Canonical: https://h-company.cyou/.well-known/security.txt
# coming soon...
#Policy: Policy: https://example.com/disclosure-policy.html
#Hiring: https://example.com/jobs.html
#Acknowledgments: https://example.com/hall-of-fame.html
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEgYZVPwCL7pF6i+xSXeQBBegnY1sFAmf3AMUACgkQXeQBBegn
Y1tK0BAApcOfkbcCI1xMBJcFIP8aKD91o+vWB0fvUMGBjoG1ozVLf2EQ7ko8X9tq
TUwk/NJgp0LumW1WszsR9iWZ0r8TyuhxW6n8h8gTTfPKpQZFusXoQ57/qJ1w4Auv
++W330XGf2gCc+G9y8zPs1nGIMjraQMl0Q3kwsHAvRN1HVUKU/4dXt6Ax7Y2nzKT
Y23JaYeAI1ndaPk/LRCbCLYm4Tl2QQaC58urk0ppbt+PgdJN9y9ipbQuxvDo46Py
vB5xIOnvUUpKyRmOhmLvyX2m7SO6a1Ge/u85fU4Aw32M7IqSf61LqMTWHlJ00HsL
Qey0eOjWoO/zvr+eY+uJGupEhVcSVWM887qLjgSoqoZIqiktoE/zePzTt2erSAij
DaCSTYTAkoOF0ykLtj7NPKrh5AXcR2iargwfjKI/mG6CLDSS3QGOVdiqGg5wFmRk
kROG5WML2ZE9JUxzL69CN4pth8uUw8QUkYJn5dxF/UfG98toig4nScPAGKYU8zwD
5h3JDd8Mx48vA7KIjr5OmWo0C5uFNkyDp2oUmSJxRoCrpfsbMZn62uRG47veqrzU
ZC/0j7mUic4dSGrK+G1gH0xbjJhDLnDfWMiPDu6ynxlU9upkQweGSqFRQDDZ8IBN
Y+EXr4oKQt8xjkcQVdY4+XuGqY7kAR15pfZ7j2Pd1eZvKerrfww=
=EOi6
-----END PGP SIGNATURE-----