A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Canonical: https://colincogle.name/.well-known/security.txt Expires: 2022-11-24T06:13:47.000Z # Email is best. All three encryption directives point to the same key. Contact: mailto:colin@colincogle.name Encryption: https://colincogle.name/pgp/colin@colincogle.name.asc Encryption: dns:4c1001c251c1c923bca00789638afb17e908d526bf3e9975407c65d2._openpgpkey.colincogle.name.?type=OPENPGPKEY Encryption: openpgp4fpr:07E884C70EA50F815CCC7CD754D7834DDB6C364C Preferred-Languages: en Acknowledgments: https://colincogle.name/humans.txt -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQQ7NZ6ap/Bjr/sGU4FSrfh98PoTfwUCYZ4gaAAKCRBSrfh98PoT f6CQAPsH1qlpkIQZOR0CxU96qtSykdqS38SblvRnR9Iki+WjvQD/X6uhcxDakjIU 5DWlUCSWjPu33DjSikkYyF+8uNnDago= =HKSa -----END PGP SIGNATURE-----
This policy crawled by Onyphe on the 2021-12-31 is sorted as securitytxt.
FireBounty © 2015-2024