A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Canonical: https://clientcentral.io/.well-known/security.txt
Contact: disclosure@labs.epiuse.com
Preferred-Languages: en
Encryption: https://security.epiuselabs.com/epi-use-labs-security.asc
Policy: https://security.epiuselabs.com
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEB1XGanEDqHCHOoDFSZgQBTFyBHkFAmCsqSIACgkQSZgQBTFy
BHkBSQf+PYm0DsWdJKKKkv9A+L0KpMPsJwcXTdBRrD57uzoAb8sOlFzbYHyxKt9F
xdjg+YIg8TWTHU/kMRIpjc41DbH58Gpbo8v2saVfqlLzLQ8zONyMmYF81AKhRzXG
/TzFYmWSkU2/aRsuzX8XBFRrNhsJEozC+LWxbrDUeHy4wGYvwYaQnhKK9YC6xnGQ
iy2R0R8yVeiMaZMgvEnei+BoYMRUtptRyrCN7huQxHsmbQk7H+6WRBFCwRyhljJY
eb+MBtcSiH6cP50h1KAUH/lnc/cMAmpij1IDc/X/S0rx5WR+VTLt7iRp+sMbuXNQ
oti3vSPxPIR90Gn8udNmkWnCiQDOew==
=NIzd
-----END PGP SIGNATURE-----