A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# Campaign Monitor security contacts and policy













# Where this file should be found, if found somewhere else it's not valid.






Canonical: https://www.campaignmonitor.com/.well-known/security.txt






Canonical: https://xxx.createsend.com/.well-known/security.txt













# Our security contact channels






Contact: https://www.campaignmonitor.com/trust/report-a-vulnerability/






Contact: mailto:campaignmonitor@submit.bugcrowd.com













# Link to our vulnerability disclosure policy






Policy: https://www.campaignmonitor.com/policies/













# Languages that our team speaks and understands






Preferred-Languages: en-US













# When this information is considered stale.






Expires: 2024-06-20T05:00:00.000Z