A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:webmaster@apirie.uk
Expires: Thu, 18 Apr 2024 00:00 +0100
Encryption: https://apirie.uk/key.txt
Preferred-Languages: en
Canonical: https://apirie.uk/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQJFBAEBCAAvFiEEyNXozBpyRuiGRy8e4myOwMqe2jEFAmB8PisRHGFuZHJld0Bh
cGlyaWUudWsACgkQ4myOwMqe2jHTbA/9G5103VTENFo044cl+Zl2xskxCNbeOcBg
BNGaLkGRDmHsWju8CCWnx5X6JpmYVl+MEPv54tYbLcLLoP+nN/2WP1/sFkNEO52j
W6hGHGpdg3C1h8p063yl+V+bf0tlOtO92yZAr4IMLTaiyHydEQSF3upnUviAFCD0
cMG2EJD+xhcawGbC41k0AbthqpqNT+6ARjmXhI8HULTjhu98Vyn3LsHAZGQE6c4Y
OfR2U9OlIVYap3d/hNSJ+1NJOn7A88HOXLLNJlNCa9PvqrfXOxxcCEHIH6B8GOW+
9MVz6TtKwTTZozbekdF6qMopkm0U4JcVuClJHJyUVj3p87PCwWBMj8KwOE9OHHFS
RyLScXEP0e1NORPFGXADKfD8hhe2mXxociA0IXvLYY1n3ZiWoRyUvRBXkCvxbxrA
Hz3802Px3Yx2OgL8MX7ls0BK82q8jEm9Y3Jp2j1sAhIkVxGvBr0jk6bf7jspVQUp
anhDQSpO1UTkNnoAmaMa613ig8/Cn296ZUUpjsnXrnTT/GLkGT8UzR42xPNs529Z
EQlNIFtJsuXrAqZpRZgz9Fq5dAv+VLiVKCYr/ohDnD2pS/V0CTwZQrWJh9ne+SnZ
7OZ5k4GoB5tC6oDOPyUMXZvu0SU+tjt3dNv8wKQ5BLr/65f06gl4y1nnKZRxIprS
2JjsLXyX9Bw=
=NANz
-----END PGP SIGNATURE-----