A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@e-sobotka.pl
Expires: 2030-01-01T11:59:00.000Z
Preferred-Languages: pl, en
-----BEGIN PGP SIGNATURE-----

iQHKBAABCgA0FiEEr8bUQG20DejPsTN8/HpiSP5H+8cFAmUm068WHHNlY3VyaXR5
QGUtc29ib3RrYS5wbAAKCRD8emJI/kf7x6TSC/42rH8QQ5p6nWYDTj+yDjH1veze
N2e2shaV9kIRrwwm9Q6z2BZZsaV6NSYYxhJzxWHs8PeZMTipxrYOkyAKAcexNlJd
T0/TGd0B0fIGjo1NRf5+jYc9icpZRnZlaQIfI7ZxbDPQuggENGWxilUtMBu3VuQF
wHTCc3d7+3we31ZmMEjtQQo3ktZNMRdnsHiVUDC8RlJ4WzbQeo22BuQnjDK86Umw
/aMqT/II0FtUfItvjoS78HsWZS15gsGdf4ytAM7dlevGj1Xc9acFFAncPFzQGv9N
7z0RmzI2lS5KDLdwuc3/1AIG0Vo95wf9VyAl2EBK9OfrTQGLQW1S6TaHcitt1M+S
lcwa8lfSe+Ad1Rd7+rZwHk/+1+rJQS1ImQIOeavNKvmhIfJmrr3uGuXvnVnBx/UQ
8BLLx8/3dYZdMsmO5iJJDwjKgPq8X4tMi+0JJix7vBNNS0bhIkCZ+0qSTiMzmtVG
Nkvoj2S1QbOYpzq+dlkZEXPNxY0PGgNtzeB1FxQ=
=W655
-----END PGP SIGNATURE-----