A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
# security.txt for https://auditdraw.com Contact: mailto:security@auditdraw.com Contact: https://auditdraw.com/get_in_touch/contact_us Expires: 2026-06-30T23:59:00.000Z Preferred-Languages: en Canonical: https://auditdraw.com/.well-known/security.txt Policy: https://auditdraw.com/get_in_touch/contact_us Acknowledgments: https://auditdraw.com/get_in_touch/contact_us Hiring: https://auditdraw.com/get_in_touch/contact_us # Additional Information: # Email is always the preferred method of contact, especially if attachments or screenshots are included. # If you are located within the United States and prefer not to email, you may use our contact form at the second link above. # Please include as much technical detail and context as possible (e.g., logs, screenshots, affected endpoints). # We request a 90-day embargo period before public disclosure to give us time to investigate and fix the issue.
This policy crawled by Onyphe on the 2025-07-04 is sorted as securitytxt.
FireBounty © 2015-2025