A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
# Our security address Contact: mailto:csirt@active24.cz # Our PGP key # Public key: 1024D/6E7DFC01 2012-01-19 # Fingerprint: 9A7C 8EEF DBDF F7C9 0449 7DCC 0E22 E1D7 6E7D FC01 # User ID: ACTIVE24-CSIRT <csirt@active24.cz> # sub: 4096g/02C4551D 2012-01-19 Encryption: https://www.active24.cz/csirt/6E7DFC01.pub # Our security policy (in Czech) Policy: https://faq.active24.com/cz/933388-Hl%C3%A1%C5%A1en%C3%AD-bezpe%C4%8Dnostn%C3%ADch-zranitelnost%C3%AD
This policy crawled by Onyphe on the 2020-04-24 is sorted as securitytxt.
FireBounty © 2015-2024