A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

# Our security address
Contact: mailto:security@ionburst.io

# Our OpenPGP key
Encryption: https://ionburst.io/pgp-key.txt

# Our preferred language
Preferred-Languages: en

Canonical: https://ionburst.io/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEUhV/8nBdKnNINRduPtuknYovvKAFAl7ZHLoACgkQPtuknYov
vKB0pA//eq+WjA4tx6+D8XwGKisEAGPf3bt6OCch1pYRSi45X539krf3jWO/+DWj
w2MBuxsDFCnQcWRE63hfhvGUT5geEGOUJlNMKW2qI38G/ZegkcxMSPvOSRxRCMzq
tqt6jrFFrOz7bmPIq8eaJqzX7uwsb0W8wOrufRcGKGJzgXM0Rb2DLQKBsgl/esId
y/X+UpH88puJyaFsDDK4WaRjoxzgSDHpNqX+fbP+VkSd06AJhx+nHDSPIKNiVFpZ
bFyFIhARNGbAr4TVn5823NHSnSSoF/qpafnWIPhtM5GPHxrvsj0s+CU9o1g8w5TP
nTq2YVIVRkzbf1fw22L6cCaS/9sWPhSkYjdJXbjeOKeRb5rmIPqyzWI89IqwtQTw
Xdks2yMkD+qUknAkMjXRCWQwZjJmdPzRDhxjoJQ5N2/FbFsLaat2bJMaDsXs4nUQ
kAUjohfuaBmTk97qLADo3Ykg320LpAPvt6fclig4HjoUbfgdAy5VlpolW7VY90hX
CQdmGo9qRznCxcqrsqw+jcDUEb+brIDndFXsS4Zr86TLEWFRVJ7Hm2JHIqWlWWlX
PfexKKposgQk65Z1/sOsBgAYK1w7Ji/J3OJMgCkbj6sGT+YEiXCbW0cmJOTpeBUF
oNWRTc6VS1TmG+9qQs99e/wQSi7KBF8Wvj+duORDzfgEXBa30vw=
=jKIB
-----END PGP SIGNATURE-----