A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:security@forwardemail.net

Encryption: https://forwardemail.net/.well-known/openpgpkey/hu/mxqp8ogw4jfq83a58pn1wy1ccc1cx3f5.asc

Preferred-Languages: en

Canonical: https://forwardemail.net/.well-known/security.txt

Policy: https://github.com/forwardemail/.github/blob/main/SECURITY.md

Hiring: https://forwardemail.net

Expires: 2025-12-31T23:59:59.999Z
-----BEGIN PGP SIGNATURE-----

wnUEARYKACcFgmi2hw8JkJoVjlJUbnPVFiEELjiX7t4076ypQZS1mhWOUlRu
c9UAAFRGAP9BqHsmW7iW2nr1HWh9VBzDw4avlk3xbfaWSrgD7Zo18QEA84Qj
OlvdEncanrR1urGtZZBYRwlvtAtjAyO5BDC27AM=
=Lq2+
-----END PGP SIGNATURE-----