A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:security@cyprx.cloud
Expires: 2024-01-01T13:00:00.000Z
Encryption: https://keys.openpgp.org/vks/v1/by-fingerprint/819965579BFB17356A6F0C924E132B99BDFAA373
Preferred-Languages: en
-----BEGIN PGP SIGNATURE-----

iQJJBAEBCgAzFiEEgZllV5v7FzVqbwySThMrmb36o3MFAmKEIyMVHHNlY3VyaXR5
QGN5cHJ4LmNsb3VkAAoJEE4TK5m9+qNz00kP/R3H8/CpVNo3JJLAZwkOAfHmIwbE
yAG5auQLe1kB0S1dutWN+cEQhQG/VDWiB+devZIMD6Dh8th+TsqZD4UVaEIYUgWD
PRMrjhzDDtnSdgThzbQcd6Whs9faVA3MA5/Vmw42rVXCeowi+kk+uiqsvzKQnerH
MtDNHsPVyToCFw8cC9+cwpBW4V519cIHas6pEuiM2B53O8qUN+RDonWwl5TvCQbc
SYDWNSR388bLz3SaKQCZLfstE2yhRtLqsF1m0OxWfwlmCgcCY/B14ndryNOAeDSw
S/biU/YXEza2Kf26VeCwp5jFESDC8ZjwicePkEZCXLavI5pkYJhQezxDLSRJif2c
PsDxZzMasfOVtGr0Ihf7/WRFaTbIMOTFbdTNNkUidTVdhTg2tElIodPIa63ru0BR
8uYamC279s9GTobS/HFjF/2L9xFpjWQcmwgVUdXaMoulSw2L8LFsSf4uCoGOttx/
2dMQALxkOHYeXXpg7nFeaeeIlJB9s+S7wr9LT5Sf4DJTNQOS2PtCYZjacUmHLjeT
7HbgeAC6c9igWRIuJ/pJSTi83UmxnNs47uxmxr0QPSUZePcjKEMYo9fukI+lwSBl
o5ALYiTicn0z6ECRdyyWVlAPp9VSpYArM8cg72wOoltsCYq26HQemTbIfUJqVavq
mhsInzfJA+6dDRBx
=b6kg
-----END PGP SIGNATURE-----