A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: disclosure@your.md
Expires: 2022-06-13T23:00:00.000Z
Encryption: https://www.livehealthily.com/pgp-key.txt
Policy: https://www.livehealthily.com/legal/vulnerability-disclosure-policy
-----BEGIN PGP SIGNATURE-----

iIkEARYKADEWIQSfK3XljSR70zSUUVKGI6U+JY2HrwUCYMdTKBMcZGlzY2xvc3Vy
ZUB5b3VyLm1kAAoJEIYjpT4ljYevkwQBAMepCsdo3ag6kdtXUUiUHHAWaAkg24NH
Hk6gtDgM2jeaAP946o6ew9iGHJnhe9u/gbWv5/Udl/M1kQYD1SDB88krBw==
=mCf5
-----END PGP SIGNATURE-----