A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an origanisation will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifable via a simple way, a security.txt notice.
# If you would like to report a security issue # you may report it to us using the email below. # # Contact email is base64 encoded Contact: bWFpbHRvOnNlY3VyaXR5QHZlcnlnb29kc2VjdXJpdHkuY29tCg== Encryption:https://www.verygoodsecurity.com/keys/vgs.pgp.txt Signature:https://www.verygoodsecurity.com/.well-known/security.txt.sig Hiring:https://jobs.lever.co/vgs/ Policy:https://www.verygoodsecurity.com/docs/security/security-statement
This program crawled on the 2020-03-03 is sorted as securitytxt.