A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

Contact: mailto:security@stimulatedrecordings.com
Encryption:     You can send me encrypted emails at craig@grubb.scot using my public PGP key:            -----BEGIN PGP PUBLIC KEY BLOCK-----      xjMEZ2c4XRYJKwYBBAHaRw8BAQdA+GFp7ZD08iHQLbVEfzoVaO1t3BXygBl0     37nS6ZLl1NjNI2NyYWlnQGdydWJiLnNjb3QgPGNyYWlnQGdydWJiLnNjb3Q+     wsARBBMWCgCDBYJnZzhdAwsJBwmQS+hZPLMC+vZFFAAAAAAAHAAgc2FsdEBu     b3RhdGlvbnMub3BlbnBncGpzLm9yZ7/aZE5lvryRd4vxH551vJfnSjcsh7it     lji9I4BI7DUTAxUKCAQWAAIBAhkBApsDAh4BFiEE6Xe2OTWyY2ItKOtXS+hZ     PLMC+vYAAILoAQDGmFphiRYOLrV4SPKupLOBSTYL8ZEUqCZiOs2CJfMmFgEA     lrSJxtU4GkOQI6E3FPfvxaLmcyaizFVtkuWGSKqJDADOOARnZzhdEgorBgEE     AZdVAQUBAQdAq2XO9Q3XYxLiSJfKei6NzEH4K9ZnI/Sb0GaUhCorHToDAQgH     wr4EGBYKAHAFgmdnOF0JkEvoWTyzAvr2RRQAAAAAABwAIHNhbHRAbm90YXRp     b25zLm9wZW5wZ3Bqcy5vcmfWbvVmnnz4NWlzklBov6FwafX9dETggyM2cbav     puJgbAKbDBYhBOl3tjk1smNiLSjrV0voWTyzAvr2AAA61gD/WJEwge6OhqBL     4Wz2Kx+Jdn607etHWZldsbSeLc+47dQBAMczasfZ9FzLy5qRXfuIfP7gd6gu     Dvwdx6OdbfFuLsoO=BDBb            -----END PGP PUBLIC KEY BLOCK-----             To encrypt your message, you can use any PGP-compatible email client.     
Expires: 2034-12-22T00:00:00Z