A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Contact: mailto:security@nubank.com.br Encryption: https://cdn.nubank.com.br/pgp/key.txt Preferred-Languages: en Canonical: https://nubank.com.br/.well-known/security.txt Hiring: https://nubank.com.br/en/careers/ Vulnerability Disclosure Program: https://hackerone.com/nubank -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEE2Bw0rHClA0yBLTUwLubm4YwwYB4FAmFKO8UACgkQLubm4Yww YB7dbw//Y9tpVdc5445rMz/0noIgVfxgvBbn5rlTsRK9FdquXZ+tLqDcpRt0puFm UYgwa/2wByoJbNHQfiEzFswciiA66gQg7xaTWrqIOPXXqkXYHqKnSDRvRrHQLsSE FsE5qFlN+mUhpw3Sr9W8cm/7sMDFsk4xVEHf+qnta+uIzF3PnOaDvSFwKhmE3FII d7KdmKlu02RHUxJ4iJtbDjw4t/O140+ZdJSXz/RXONtapJfAF9ASPxn5c37TKGZO +f2Gm1XYdoleHCWV/9AOUZk49dKVqHImfXw4bWCA07otF4yUq9zLzelyK5+PYzxt 6rmFDOHYNA7/ZxqwFUp3JCawspsu6kEJhwDPRsdBKhUb0TQqq4X3iNFDiIM1S1LR vpH/9b5Y8KnwAbO12A8fjvlkJx2yNin/kRLubV/iXIqzPa9sxZVSs+eZ9UQJOs+b REh4hzV00RXyaewtrUCU1OcKj2d38AMjOeFnGid5VnhLUR56r4t8QeL9ZbMy1Cn0 HUTd//Kfpv09RSpzBh3sW0eST3e4+XP2ZBiImz6Yd/EtutyGqMbAI7R9DVG/VXWE OAFqRGzuboijrSD412I3A1pnehsz5O9kn3w9/6iBoKz/wZgFuKkv6soRcH57PIxM ZXFNxiYGM5ubQEoea22x70nebcyDzWESXOMgg6K/BC3PskL/biE= =uNNk -----END PGP SIGNATURE-----
This policy crawled by Onyphe on the 2021-11-03 is sorted as securitytxt.
FireBounty © 2015-2024