A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# In case of security incidents 

# Also for vulnerability reports please contact the

# EBL Computer Security Incident Response Team (CSIRT)

Contact: mailto:security@ebl.ch

Contact our Cert in case of urgency if no answer: https://www.ncsc.admin.ch/govcert



# For vulnerability reports please contact the Compass Security Bug Bounty Team

Contact: https://bugbounty.compass-security.com/bug-bounties/ebl-bug-bounty

Policy: https://bugbounty.compass-security.com/bug-bounties/ebl-bug-bounty



# Open positions

Hiring: https://www.ebl.ch/de/karriere/stellenportal



Expires: 2025-12-31T23:59:59.000Z

Preferred-Languages: en, de