A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# This is the security.txt file for Unrisk Inc. which provides security for a 
# number of different websites.  

# If you have found this file on a website, we probably support that website.  #
Please tell us what website you # are referring to in your message.

#
# Thank you and happy hacking!
#
# http://unri.sk
#

# How to contact us
contact: mailto:security@unri.sk
contact: tel:+1-213-600-2005

# Encryption - This links to our public PGP Key. We prefer encrypted communications.
Encryption: https://unri.sk/.well-known/pgp-key.txt
Encryption: openpgp4fpr:C6E6AB62135BEE0ABFB8AA620614933E0D1DFE74
Encryption: https://github.com/tracyreed.gpg
Encryption: https://keybase.io/tracyreed/pgp_keys.asc?fingerprint=c6e6ab62135bee0abfb8aa620614933e0d1dfe74

# Policy - How to hack us in a way we will be happy about
Policy: https://unri.sk/.well-known/security-policy.txt

# Acknowledgments - Good netizens who have helped us out
Acknowledgments: https://unri.sk/.well-known/acknowledgements.txt

# Hiring - if you offer security related jobs, put the link to that page here
Hiring: https://unri.sk/.well-known/security-hiring.txt

# Signature - To help secure your file, create a signature file and reference it here.
Signature: https://unri.sk/.well-known/security.txt.asc