A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@operatorict.cz
Encryption: https://pidlitacka.cz/.well-known/security.asc
Acknowledgement: https://pidlitacka.cz/.well-known/acknowledgement.txt
Canonical: https://pidlitacka.cz/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwjGCMKe46x73oO61ZJSdRGUoJVcFAl1ptBcACgkQZJSdRGUo
JVcqhg/+I4bRQdzzAte+GGuPnoAO8Kro5rZaN/4M/N7N3fOCAhZrCJXSpzP0yNpw
U6t7JlA78sHnggTvGNbslEbGU473z56ogdpox+/xkCTIdzkHypexINGRYt4Ygtm9
vhN53nPfG4MGaPH1QKIrdBq5gO8DxFovL7vA99DpJ7kpMkY8tddFkvCfLRvg1+5h
CCIATkN84Q8mk13n2n9K5aZqST2QGmwpHYDBRn6FRvobRKf3RkIYSciNfP29+LHz
1ZzTDb4SQUyGvwe7MRJli5mk1zKmKzQ+9thm5vOQ1pd8JZZWVdKoY6pCmQISsHTt
AjkewUhn57IokXJGdr9AdpeucQssGL6/1rt2ecw0SR1A8K0bS+Bd/sXGDMFkiaPB
tTpPdW0ka5l/oOajNXAt4KlG3G9xzbgY+DFhfAEpVbbSyWtWBCsmIxV6vuFlau+i
qAFdI2mlWInCcc1pEZU3wgoXnASvIcAHCtWFUHhtahu3mkYnqvpiZKdQsKT+f3NN
GVFq/MfEU65lnr8P7HqiIxkcQG3JqOjGCUCtENqIYiya2S4FEoZEqkEPVbezQFxy
1w7HKUKEkPU+TLozg9EYCE97JUdjKyXq5AEa5zTeeV4l/pBvQlCxykBkHOh+Wb8O
mzDo3NN2nZ+QLjHolsOLPjzoxOM3IeZBK4+1IS2MCH0ZpI4yA2A=
=977h
-----END PGP SIGNATURE-----