A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# In the event that you have discovered a technical vulnerability in an 
#IT system of the SIACG or one of its member, we encourage you to report 
#it to our SOC.
# we will triage your report and forward it to the appropriate team for 
#remediation.

Contact:securite@acg.ch
Expires:2025-12-30T23:00:00.000Z


# If you want to disclose a vulnerability impacting Switzerland outside 
#of the ACG circle, you can contact the National Cyber Security Centre 
#NCSC: https://www.ncsc.admin.ch/.well-known/security.txt