A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512



#sematicon AG - security.txt



# How to contact our security experts

Contact: https://security.sematicon.com/Report_Vulnerability/index.html



# How long the information on this document is valid

Expires: 2033-12-31T23:00:00.000Z



# Our OpenPGP key

Encryption: https://security.sematicon.com/srt_pgp_public.asc



#Our security acknowledgments page

Acknowledgments: https://security.sematicon.com/Hall_of_Fame/index.html



#Preferred-Languages our security team speaks inhouse

Preferred-Languages: en, de



# Canonical URI

Canonical: https://security.sematicon.com/.well-known/security.txt

Canonical: https://www.sematicon.com/.well-known/security.txt

Canonical: https://www.sematicon.com/security.txt



# Our security policy

Policy: https://security.sematicon.com/CVD-Policy/index.html



# Jobs we offer

Hiring: https://www.sematicon.com/kontakt/



#Our Common Security Advisory Framework (CSAF) Endpoint for machine readable security advisories (CSAF Version 2.0)

CSAF: https://security.sematicon.com/.well-known/csaf/provider-metadata.json

-----BEGIN PGP SIGNATURE-----



iHUEARYKAB0WIQTfAe10AFhdBGRz3Bx2yYguKzDJHgUCZbPA9wAKCRB2yYguKzDJ

HtOjAP48xzu3FEzkzbWl9SgiG58GJHeQb6Sm2JHnWICczv4gXAEAttf3ZxpKBama

2kZxFTjeEDjZjiVGRNLRZ+VlXIQh1AU=

=YeKR

-----END PGP SIGNATURE-----