A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:security@reuteras.com
Expires: 2027-04-01T07:04:00.000Z
Encryption: https://reuteras.com/pgp-key.txt
Preferred-Languages: en, sv
Canonical: https://reuteras.com/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQKTBAEBCgB9FiEErXbzjIB8b6yqYZn2TL6raeNeGDMFAmTLUg1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFE
NzZGMzhDODA3QzZGQUNBQTYxOTlGNjRDQkVBQjY5RTM1RTE4MzMACgkQTL6raeNe
GDO6ahAAu45NjJB/qzRG55D2HKP2yaqP+oRK+HNA196Qz14qYKCdQ5RCGBchk5ch
mprbBhvUt4ybqxiH6jbSfjWaXSMbua9jAWyMvZHRtmd5X44XxAgAvjaZzct0veGV
5jbUc0fQVYZGlSIrSsZEZ/fpmIHQEcHy7pXahI4SEDjQP1GvTFj6ho2jG6+iMUsn
XMgFGCrHrlHk6xz+ljWmvMAOSxLNeWinSq0fTQMP8KmRNU8OTC9w8p7IOU8NvJYV
944drSAJGtu3TCZfCNQDsc3b37n8bqQk24XkvDprQo8tlj124ksdW0iyjhKWBhvD
nGL+9YOKaP/nvwcxKnqqWn3rXKz+EBDqYJymt48bwx4/aFhBjZtDC6QqYXiF32+j
BZdW1st51njMaqnHlpiVF9jzk9NQuXUklB3k27PNyCYUFs9wnAqhOjYj8sh48jnM
U2lbK7GvbwjvPve/0HlEZdgqsJK2h35w0UgGpt5sU6h8E2Tcx78A157GOYjJi8p+
IuSyUB91SiPZpcgvHLUCcSZ+e3dSIMVUwvST3PkATWLsIgsj3MQlRAMN11TTdQ9+
oo+Se+lpDrwN+QBddZX+juI4Fi5JRyZEVUYsRQaF0TWcye0IUeoC0yTYFCobW81R
+WTE+183otxiHcwQoS+aj+0E+qtgJebjf46EUvncn63g9oqWwmU=
=DJYk
-----END PGP SIGNATURE-----