A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
# If you would like to report a security issue Contact: mailto:contact@cosmos-ink.net PGP-Keys (choose one): - https://keys.openpgp.org/vks/v1/by-fingerprint/581043AD011FE569A847B9A3F2F2B064A87A8BC4 (recommended) https://keys.openpgp.org/vks/v1/by-fingerprint/09871CCB409BF430AB8F3F1FD97AB559BAD1B391 (contact@... specific) Acknowledgements: https://blog.cosmos-ink.net/thanks
This policy crawled by Onyphe on the 2021-12-05 is sorted as securitytxt.
FireBounty © 2015-2024