A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@outfunnel.com
Encryption: https://keys.openpgp.org/vks/v1/by-fingerprint/7C183A1153C2D8EC52BE5AF3404A5AEF1B60D0A5
Preferred-Languages: en, et

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEfBg6EVPC2OxSvlrzQEpa7xtg0KUFAl20CBAACgkQQEpa7xtg
0KV57A//aUq4DqxQnG9yt+OqbdkkIDRG/SzSrjP9DO/jP7bE2Ud44VEz6D3bjQqG
Qv2xcoRPtn5Pa94MOokmM1UFDMZaSHQm8/H6QHHM/ziIVYJ5l9ImW5lnbB5Yo+7D
wyfU1Vu8EBGDEqqFeTsj+ODCpgKltNbpZoXVWAZ68ljMOKak62SwYC4vuet5bdgT
wFljx6XnXT+Xi1wEkApzM173CUKRVaPqImK/unvAlhoGpdfbRp0N0HG4tQmdzj65
rmE8ZckHkidKkxtqs6tcTtpx1TUAEisS1D167mcyLWN8f1TBpIpjmFkusW5KiEqn
FZOClOpOKjDCM+2GNRDWhmHMjoSmpFyNVel74ak89Ob7yfJK4atc0fpZSVZWeN0P
lZqYfczzRAKAKXRjpcXDhQYwU+HohyDacyVMXJAK+FF6FYDHI/xjtKE60dBNty7U
KD/z0HrHVx05d2r9WV15TOheZgsUcHe6c4grdfShLX4bpx/BYFjxkM6rEPTI0h4D
fH5+M7n7k4epihfUBtRTU4cT97UyPaZvER4D13Kx56ERPrvhBmvQX/PC3LOIgqLi
0eBH+6u2t36lT1hlH3THk1y6DlMZ80+ckwkw1HnQX/fgloFT7DjC/196XD3fuDW3
lFpsp/QDyevGNf42lk/R2kjWnk0rAMq2DIE9eDiTcnysn1mH5p8=
=1MiK
-----END PGP SIGNATURE-----