A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

Contact: mailto:cpcert@se.com

Expires: 2025-12-17T12:00:00.000Z

Encryption: https://download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_Doc_Ref=PGPCPCERT

Acknowledgements: https://www.se.com/ww/en/work/support/cybersecurity/wall-of-thanks.jsp

Canonical: https://www.se.com/.well-known/security.txt

Policy: https://www.se.com/ww/en/work/support/cybersecurity/vulnerability-policy.jsp

CSAF: https://www.se.com/.well-known/csaf/provider-metadata.json