A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@contentsquare.com
Expires: 2028-01-31T21:59:00.000Z
Encryption: https://contentsquare.com/gpg/security-at-contentsquare-publickey.txt
Acknowledgments: https://yeswehack.com/programs/contentsquare-bug-bounty-program
Preferred-Languages: en
Canonical: https://contentsquare.com/.well-known/security.txt
Policy: https://contentsquare.com/disclosure
Hiring: https://jobs.lever.co/contentsquare
-----BEGIN PGP SIGNATURE-----

iQJPBAEBCAA5FiEE3sFHm5grRbsnnm8MUN5E/tG6BRsFAmZHI7MbHHNlY3VyaXR5
QGNvbnRlbnRzcXVhcmUuY29tAAoJEFDeRP7RugUbfiIP/R5qRAifa4QtVMV2MuvS
s3McW3+zs+cUXJ1fRJ/q5tB7H4GaMRLxiVvtnmSuDKjrur22FGA1eh4s+c1Fatov
m1abOPuxIJiWXyC433ATmrPWM97EbjzaBDT2uyb9Jg9dOum/fj9s+DIXvYhP+ZME
aw5Biteo4WkarTg/QOqDMYWoOsMtpOLOccTdJ8NIcTxACuA7Y9zdhK03YDTxMSqh
9cENKyqLLV/WXLP8e05GwJDqdH899Sz+tvZQb9YpGk+oTEUS8mGkNV7RAQzMkS0n
6UeKcuOz3B7AsdWGyHFMDZV7ElHrtu1x5Q+5LPKsa5cbO/MrGq/TTSs92tFUpCnA
PaUfStQ64lM9OeTO5AkvfkIvWQhmTOZVXvAYR+Bk7Q7/SC4SZyZy8vfk4vOA4tKC
eJ8NCgax1qHt4k9SmEUNNdCEF144gOW+buC/buLJo5AAdCxBSnI2jbc2oU4f2OeL
EL/M04U19RhxtbdO9zJtlSF0hNvGkNV9fQYhUVNcAPeKeW89AWpthuoL6fLGhEyG
pMjE2hdWL60U4jZNaskCsXSitdns1VXZgn8m6frmbpb1u3JhqXnPHhdz9jgUplAt
4v69gNcXle2MEbRo/KHnAkqM3XHF/7bPGghYd1rQ/P+QnZvBQyGX1BLHFhoS4E8q
n+AHgwUPeQYSIkcst86/D6HX
=HBzQ
-----END PGP SIGNATURE-----