A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256



Contact: mailto:security@swm.de

Preferred-Languages: en, de

Privacy: https://stadt.muenchen.de/datenschutz

Expires: 2026-01-27T12:00:00.000Z

Encryption: https://stadt.muenchen.de/.well-known/publickey.txt

Canonical: https://stadt.muenchen.de/.well-known/security.txt

Hiring: https://www.swm.de/karriere/berufserfahrene/it

-----BEGIN PGP SIGNATURE-----



iQIzBAEBCAAdFiEE8k6VF/zQdEsFCW7Xj+aPI4cNIRwFAmftEogACgkQj+aPI4cN

IRwZ+BAAx29BiiBYi2VrGoRvsp+pNzujsRG9GnNU4u3Aj8MsEg9d6/2US7cAZb7G

dUxDgWhAoEfd7W2lLJfi/mC0Y52N86mAOmxzRfPBA3WUmT/8X85J1DpLKwY9UmyQ

0pPC0/vcaMmaJo6FHoyXjJlhyK9Kq+DLB2+5iwTm4pFPO4Q0HKj1D9RqyJNNFYEv

T2NQj6Vt4iZNxcVuJsScjgz1wnK5eJITxnA3CpICBquBZaBmVAIHpTnTxXjtBoxE

wnpYiUyRvlLEa8pCc5xlm45SVGa0ka7clI79Rgy0HbY0/Piq3kPrS3rq6R4OzYWE

HOKkDSrpF3lX2Veu7n+DCIfbrNoMwhKOfOuMjgN3ntftW6Uo8Nm74eciEbUaU53x

Ff5ibO+SN7f4rVSRzeAgCVmgK7Q5FEZ79xMxQ3LSJhp0gzNfCkp9nr2fTdxvpBaq

TS491gdspLm3khl5uwIidLeUIxh2tbgBmD+412hAqhYTGL0fVe5pnCdRnin080oE

7y5roiMkmT3rwPPatz88M2MOlPYf17MKJtDlY2+9h5aoAEWaGH5by78twNsdVfj6

LVsaiN3/+6pw6FkBTeZUPCheoXLOl5VlO7xNNw/1x2L8SxKaX3n8JBDHUmsMa6H+

IJ00UHvV6GgCr8IomWI3OvNlpT0qiWGdip6CSjglzZXsVh7gjrQ=

=4vqh

-----END PGP SIGNATURE-----