A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: https://www.stroeder.com/impressum.html
Contact: mailto:michael@stroeder.com
Expires: 2022-12-31T23:59:00.000Z
Encryption: https://stroeder.com/michael_at_stroeder.com-6A8BC938.asc
Preferred-Languages: de,en
Canonical: https://stroeder.com/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEQ8hzDoSiDlYHIoBsB9x642qLyTgFAmG8jYcACgkQB9x642qL
yTiEqwgA48vkt8H/t+j9tqV2kQ1oq5jJ4eewf9CXHtFrEqa6HXX1PZ8uUP3+GPRX
Xcw3/WLy0InNfNq0wpZKvs7sZ0UgibQESnlfSK/xeoZEErCeHOJTEPxpQTX0v3cB
8Y21+wfWr5njhLswEgvOvFLjxG1z6ARicnqeglTPcJ7oDUt7ADBh4G6j0I6Aerrr
EKNJ2AxoPNI++PNUoPdxuIa8oZ8c3nVjofJ52qlG0H6TysI6N74XJ3i8hgvyGIwF
K22uoYQmwtJfmhNmZkSjJHIX9v+S2ReSSIfJb+j7ynBH7AiCAKs4JE9ZS5J+dXbk
lr4tljGMm0A5dLHpuHT4qe6DVPcATQ==
=2Lbm
-----END PGP SIGNATURE-----