A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:security@sergeykozharinov.com
Expires: 2025-08-16T21:59:00.000Z
Encryption: https://openpgpkey.sergeykozharinov.com/.well-known/openpgpkey/sergeykozharinov.com/hu/s8y7oh5xrdpu9psba3i5ntk64ohouhga
Preferred-Languages: en, ru, sr
-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQSYhaCJknRrKlAZ7cAzdeI9SU8HswUCZliY+QAKCRAzdeI9SU8H
sxOvAQCCkp2fo3wUK8/mq2JTrxb/8RUAwsUIhSP6Z5HfLrgdnQD/X0O3MiAeAevU
gO4h0VWbtD5BKfrLXKTUqIX/HAak3gE=
=ggWd
-----END PGP SIGNATURE-----