A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 # Contact information to use for reporting vulnerabilities Contact: mailto:security@cert.br # Link to a key to be used for encrypted communication Encryption: https://cert.br/pgp/CERTbr.asc # List of preferred languages for security reports Preferred-Languages: en, pt-br # Date and time after which this file is considered stale Expires: 2025-01-15T23:59:00Z # EOF -----BEGIN PGP SIGNATURE----- iQGzBAEBCAAdFiEEFijHEXTMMflXlMINoj/YKobgHJ8FAmWhQeoACgkQoj/YKobg HJ/jZwwAkJ+bHAVIPVLV2nHAC9k1AWm8QZspW6RR/hQdkKhds200coxyJscsbSpp ZKlORHte4a3QuY7HCjghYTwOwLDiBk7M4Ii0CPsk9xdeDZu23iKrnxOC+AY7unsP Oyh7+iI99YC6pPjM1zhJpHGCJ/uIaEwiIB5s0xaqJFe6EUwwgvbYX1wrb/R6Ohgn s2wKlqqWhRsSv4t7k5aNFF+ZD2nKyKR1VGf2junGptReK0jkVv5oZpzst51qaH8Y gJpkBh8ex7JKJdyxjf3qXQLYkzfeSYTj6cCQpy6QpTrxtQuIpAO+0BQjhc+irQbM yEQwjdm0L+OtGXux3MxRSEqPRoIUfN3b7Skt+HPwwW7hLLLICWwUQUPdZtaro+2e AxbsByZjXpPoYRnwyJ4aQueURZDdlDnmyWK+0+zrb/sj9466eCQ7dYXyKUJ584KF gYfh8Bxe1koz/1UduY45YGki5KurseFt7nFSEgI2392NIWQWbcmD+1TF6ObDuhdw H1iG5e9I =yHF0 -----END PGP SIGNATURE-----
This policy crawled by Onyphe on the 2021-11-02 is sorted as securitytxt.
FireBounty © 2015-2024