A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:nick@nick.geek.nz
Expires: 2023-12-13T10:59:00.000Z
Encryption: https://nick.geek.nz/pub.asc
Preferred-Languages: en
Canonical: https://getmicropad.com/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEpskEGciPPWPP5CyH8qR+uBl+agQFAmG2lxQACgkQ8qR+uBl+
agRBIhAAp6F0gYVv5JAQFOUYQswJKULR/VDG5Lgu0Gkkblg8GnFC0jitoQyyThBd
zVOWanJQQacvgGGeaSGDf0xiLz42qi6EzjsjHaalGBIhkPJ/X3EZNXkL2wT1j45l
+MevQzR/4mrlyUQH2QKzRHcJmWi6iLN4/yZwSW3DqMwXUS7OiMqtFwofqoL1ECY+
oFI7So1gEAdKHhPrSoAU/YLlfLq164bfzaKZ4b0se4EdF2C9OYae88ku8EEbvkWt
JdAxhDXFC3iA3RnPd/86j0bEbt4wnQBu4HVS4oM2ctQGIkOE+ru7JbrC6p90FNWI
RsTGbazNd8WYNFev/ErJNy4ElfAhO1YwNTTQZ2Kw2CwUSTL2BKdkMvich+yvZ8su
16oCVUuUx/ZQmfMd8Y1ONJxeOhoXHW79sgl+rwnPkeShAbcEpsQsb4xfAqCcJXv8
u4ZVAPvMuekaGTy/M1aYPEi+ap0KLZu6iqMwjhiWvSWRKQI8Z+ibfvOFDpvQ0mjD
vn7jr5pmIiK/fEZguobBjsanIQZKLdiG+UCSYqpuNRs3+5Ho6w/q1eIgCrtf74Tf
33F1QqJdEMKDGKr08OkRJi4g3vZ1dRzVE9V7x29jaLFvniwkWsCtPlxH+vseDRJx
PtJhb+2kDlWYGpi+NfZOqaxrZCHByw2EON7Ygs92FeTGt3wi6K4=
=EVCv
-----END PGP SIGNATURE-----