A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:hexaheximal@proton.me
Expires: 2023-09-26T17:01:00.000Z
Encryption: https://hexaheximal.com/email.asc
Preferred-Languages: en
Canonical: https://hexaheximal.com/.well-known/security.txt

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEDnaP6DkEduEj2a2FuL1x+J09oOgFAmSdxqsACgkQuL1x+J09
oOhXOQ//S/idUlEmg1erAqR4gYDfm+btyXa30xP2cyGqXExImBs5WqBuIuZA3KdS
w2Hs6RWxYi9rZihnX0lRlVxapirRXzN8PmzsoGesdQhXc3pHp7x8mKVSfoLUubWH
IID+qkyNFB9P3aUOAMTYq4cSc7b5rcAaOpNhpfe1iqRfKJ0iVl/+p6Llm9zKhS6s
K2YPq5jkfOcpccsy0VGzBHelpYRe1AJYz1riegTppvDxHGvmw1HLxMXCHgdiJ3uz
JPENvetLZVrMKiKXH/2C8qcdADPVBUbpqDyDJkA8ULlS1/cJIXARfG6C+Vk4cshg
IhuoWxAfPpKs6pPjOtnaCuWve1GoWMs18nS8yYNN2J2uvOSvjtufPbqojkFWXmuG
iAi8pwUmRkHh7WIHIziACpQQqSpMtKuMb9Ze01wtf3xIPteu8cSVYTw0Eb860kBt
NeeWjryexO6TJOFBH4CLi7LYQmsDzAwooNxTVAwonj8v0kGzq7JZFVpBcQ/RWyEe
a/WSyjHVKq/tvsbNT+xny+6YZ1Ca0L2IqjSb7JlYmUH962yt2P4xQTT+oJyjXUh1
WF9wzjZjjiv9qTIJ9kzefcvue7hHkHpDk3aKvM/1IoaEhzzgEG1rSiYsJytudLDn
K0k4nqTPHyKCGcLRaOZLTWKCfXxenlD3YxPyfnfs5+7B1f5WrHg=
=meMQ
-----END PGP SIGNATURE-----