A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:kontakt@niklashagman.se
Expires: 2026-03-29T22:00:00.000Z
Encryption: https://niklashagman.se/.well-known/pgp-key.txt
Encryption: openpgp4fpr:035793689EEDB442B87F113171A38842B7DC578A
Preferred-Languages: sv, en
Canonical: https://niklashagman.se/.well-known/security.txt

Hi there, my name is Niklas.
I prefer to communicate over Signal Messenger. My username is tojts.01
Have a nice day!

# gpg --verbose --local-user "0x71A38842B7DC578A" --output security.txt --clear-sign security.unsigned.txt

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQQaoFo5jjNKSYnLg+laiOEnhceT1AUCZgfkagAKCRBaiOEnhceT
1EVqAQDx43ZN3c/ELrDefJbKcDUeiRc0wPGuoXvK5PEsPczXtwEApRbamvJsh3iq
gyivsFQ9Rgxss5Z/Y1fg9eFTkw+Xrwk=
=lwBf
-----END PGP SIGNATURE-----