A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:contact@canton-consulting.com
Expires: 2026-04-17T09:00:00.000Z
Encryption: https://confroom.email/pgp-key.txt
Preferred-Languages: fr, en, it, vi
Canonical: https://confroom.email/.well-known/security.txt

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEez2NInvn5s50nqwW5DgVn3AJyUIFAmgB/00ACgkQ5DgVn3AJ
yULHpxAA1KSYBv7bIk9TnevPA0dveHdC+E8OoVehCTvFOm3zc492Bx1bK/JTrEOy
PCEWkHDM1ZaR5Xxct9m+iOuQnXVoAytPE38r1oLhMhPd1CWizZPQ5icEbqmSM1Kd
VEcozjcvgJEnxeRtVe0ANLyuBq9IA+uddCZMkgWQooUvEQJwgqkIhooObES3a1m1
1BRAH37CiRbBOVdeeE7Z6JG1FPAMx8VQvUzHAv35P3BEVTZ40GguGteDeRqnK9lS
Yc9ZWO6XUPSKRkcX0PPDoRq0o6+lGwCAv6EqNMngKTtptl4RcQzCrLZa78CuxC/o
MSJqJvm0foRCR9QThVhOlgiS2APbef6aCOkTKrdJ6o2bjUtcpOsxsswOoicIKWAr
tlMk1ENva0sYJLi2vMrdvFt/EoAsUC+GF2SdkZKV9cwrLHECRy1gXXix4EAvdZMm
FIXkoA6SJUriyMxJmepcv5QXzw7kAhcgVBn/ZoQoAxpRog/N3Whr6yafIuOsgZP3
bLbVi8ws+FsOWoqPmSpfKBsdWzqmo9Zo8o/i0HqavQj2Gj0hCtzs2wNT1KQJq5NH
v/a7jVY9tvKNMOnKPQUHQH9HrNksdKK9P4QMz3LHNqSgIGzjfumg3lHND5YrNrUM
2Il4Hqa6gpJkJCVDqr7cF/iACs2Jpw/YiR+NEtE+XKWLH6OtUzQ=
=NyOy
-----END PGP SIGNATURE-----