A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:me@emanuelduss.ch
Contact: https://emanuelduss.ch/contact
Expires: 2025-12-31T23:00:00.000Z
Encryption: https://emanuelduss.ch/emanuelduss.txt
Preferred-Languages: en, de
Canonical: https://emanuelduss.ch/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEtfrPefrRDREp0qegdq77mTUniw4FAmS280kACgkQdq77mTUn
iw4EPRAAiv4lPF8HxdAs3llWi7eCIDUiLIS5MGa63gJC4G3e7oMxKhsUIM/mPjWG
itoSv3u4eIiZYsajc4a4Mhfp3tDtHQjkZAMyz2sup1zKrPcgBRS7YJ5gcgNFHymO
Ux9rVktKh2FrzfGsCi+HdQXSE4GOEmdQ7zAf4wTzPAYUfg4EXykn9ZF9J4xa7d6V
QeJSFJf25BF5EQtTts9It1esAPRbWqM5uL0oXO9yEq2NVuXOeMAke4eD5d5bxXLA
dv/l7mV0yS7TkMfhP4/0TmqwRAHe3MgmA/FXudm4gSZLdTAq2vq7cAv/IeEBrzYl
GF5GTpRnYgqlwM7XmbudHSK8j6XoMELHaMbJT60aB7t53vGgYohiMMTdEnF9hxxm
lvMOCApgL9OjaLwFTh/QKBBZnpKJhaH+QQ0i3tXW3LZPUMQp2Waw5wVUsOZH2QDE
tTl4GtDM+oJ5Rfrrg6ODgm7ycrgbCGecLv+HldUwPBhkH84IxNlzkYUK833BHtD9
Iuez9z6H6FvJyyLr15W30Sv6x/FHeb4QIpInv6q1ml9vmQU+42ktinQEi1ak/5G9
puL9FH4QDzXuBoqMYc8sniK6TsuwmQW9C2C9XXM9PCyhadpGxCBHXfIx8h0LTXxu
MzILw0ymm5U6z3oAxi5Kjpq+no8G0B02EJ7d+T+QrZcLx2Zy+zE=
=38BJ
-----END PGP SIGNATURE-----