A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:security@safeserver.de
Expires: 2026-02-28T22:59:00.000Z
Encryption: https://static.safeserver.de/security/security-safeserver.pub.asc
Acknowledgments: https://static.safeserver.de/security/thankyou.html
Preferred-Languages: en,de
Policy: https://static.safeserver.de/security/security-issue-reporting.html
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE6EYiLnFPMCKnwZRe7Cs1wc74ooYFAmfI0dwACgkQ7Cs1wc74
ooZXXg//aLZrwgxa9rVbEptSlp0iofUhAk7IFKXxbEJF1aSdc9qAYLSSaGUDnEso
iZE4AhgVZlo0Ngh8eeWMmbHId/ydGh1bvf196U0dqvBv/wBYPWJ0JKjnMlDCfVs2
mqez68MKIXdRLH5ncxKGmcmDqVyDiDRvI2oN9iS9lNGBln6EFB6LmRRnYXjjHOy3
tdcm+GoR4dTXQuFO00AAMmPwPzQLhbt+czJvH9/FMEeTgyIXExIIMz6925M/KVDm
SDpdy4OIrzRZx611Hz4N3xILjG+ySPkxH6+3VSL3EJu+/qc0CI24zOtAO9gxUG9Z
VCCpJXTI5nxNNmfUsemZHdyyIVfg/BvaTilm1v861KFfsdYa0BBeDIxXAoRCpT1X
6n1nzwDrLlT1YvRDVj+QbsCB8jE26t9lFYBN5G1B9iuFEhi/TqtKxqHTiZ7WvG/m
tKzqWOeY97dVgzlK4l3mvMhhdd8jr+zGfb3lYaAVzNSWLtmh63Baylnm3AyplJAO
F0lYb2q4T4RjesdQ7EJiN/Lz1mjDohr7HRj59aZSUHD6oVC6GZQrkYPKpqdX75lR
PcFOyocTjn4J0v+a0iK4E9NbSHLNFvoZOMHaCvY40eRM8s6n2uQJKUu3VGXvhwVZ
QPUlulehGgjI9S0zgyCmZE9vOp+mlH9nfaeD5739Dl+WsYr+mA8=
=b2wJ
-----END PGP SIGNATURE-----