A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:bobby@bobbyhardman.co.uk
Preferred-Languages: en
Encryption: https://bobbyhardman.co.uk/pgpkey.asc
Canonical: https://bobbyhardman.co.uk/.well-known/security.txt
Expires: 2025-12-31T23:59:00Z

# Signed version available at /.well-known/security.txt.asc



-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwzBLn4eU9bRTb42KjzPtsn1nczgFAmiE56kACgkQjzPtsn1n
czhY8A//U42dqirKTh79qVdK0ssqE7gLFRIHm3KuQcepTgoIsOcK91YUSSt1WqF7
ZC7OrgW/c/FdlrzAoWQh4CaRfLWJZHhgGrPrd2rmOLgeGzzRWB21S9B62NYo0lMY
NF00qJyAMNI/bdAcrr30oayV7opA+q1/FMoZPwyIABMPeZYmeWYHZUd6bHKWjTE2
YFpBrzcOEiQizEu6rnh17SI/G2ercOoIIVcMjQ+HRwcHroq2xFFNj3Gd4fBbhbYu
c5V+BE+dN6qlx/D9m1NbuROEeZLtxM4K6O/FslQM8wvjv/RuaAIKNWp43bzoW5pW
Zlz2XE1wNDdbDm/ZrQiDmJwTbn0lk7Ck306c5Z4lLHUn3uUPqzgzzrcSUZNWFunK
DLWX0Ns3WuqM4ZrRYUC+vnkd7rRFO1E0SeJ09Nz6sLFob9O5+drVm4zjqRJ86AQ9
CR/DXpETi2rCmKDcXFZiynoo2/zLoMJt63TjOJglKsA2m1LPTpKzV1GaJh3LwpD6
K1rrdrwWxpNWVZiVPtGsacbbNlq4vId++HWvT0EhlhApjGYaIzvaD1SYGabivkbI
h/NiyycE25/QWjZ6mSrdPXaWmElwnmSEDoc7aZHs8pLCMyH1pA6UcRYSLBAwziXN
Idm2bLl9UsuphYzEpBM7AYZzVVkRamOuFzVxT+TkOpxLlq8E8jk=
=esdf
-----END PGP SIGNATURE-----