A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

##### security.txt Saagie #####

#A link or e-mail address for people to contact you about security issues.
Contact: mailto:security@saagie.com

#A link to a key which security researchers should use to securely talk to you.
Encryption: ./saagie_security.pgp

#A comma-separated list of language codes that your security team speaks. You may include more than one language
Preferred-Languages: fr, en

#A link to any security-related job openings in your organisation.
Hiring: https://www.welcometothejungle.com/fr/companies/saagie

#This field indicates the date and time after which the data contained in the "security.txt" file is considered stale and should not be used.
Expires: Wed, 31 Dec 2025 20:30:00 -0800