A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# Campaign Monitor security contacts and policy















# Where this file should be found, if found somewhere else it's not valid.







Canonical: https://www.campaignmonitor.com/.well-known/security.txt







Canonical: https://xxx.createsend.com/.well-known/security.txt















# Our security contact channels







Contact: https://www.campaignmonitor.com/trust/report-a-vulnerability/







Contact: mailto:campaignmonitor@submit.bugcrowd.com















# Link to our vulnerability disclosure policy







Policy: https://www.campaignmonitor.com/policies/















# Languages that our team speaks and understands







Preferred-Languages: en-US















# When this information is considered stale.







Expires: 2024-06-20T05:00:00.000Z