A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:security@forwardemail.net

Encryption: https://forwardemail.net/.well-known/openpgpkey/hu/mxqp8ogw4jfq83a58pn1wy1ccc1cx3f5.asc

Preferred-Languages: en

Canonical: https://forwardemail.net/.well-known/security.txt

Policy: https://github.com/forwardemail/.github/blob/main/SECURITY.md

Hiring: https://forwardemail.net

Expires: 2025-12-31T23:59:59.999Z
-----BEGIN PGP SIGNATURE-----

wnUEARYKACcFgmhDtCIJkJoVjlJUbnPVFiEELjiX7t4076ypQZS1mhWOUlRu
c9UAAHvAAP9bUviQcGh9eKJGxe+EVE+wrl0DpqsHXBs5mkX5dAtu5wD9H0dy
Wg7iWzFSt7UA/eO2kHt1n4Ajmi+6Wq26fXNEPwA=
=S+MF
-----END PGP SIGNATURE-----