A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@sergeypanteleev.com
Preferred-Languages: en, ru
Expires: 2024-12-31T23:59:59.999Z
Canonical: https://s-panteleev.ru/.well-known/security.txt

# Signed by Sergey Panteleev <sergey@sergeypanteleev.com> on 2023-10-02.
-----BEGIN PGP SIGNATURE-----

iQJPBAEBCAA5FiEE5gkT5N8gmQfY4w2WZZqXyc8qeVoFAmUabzwbHHNlcmdleUBz
ZXJnZXlwYW50ZWxlZXYuY29tAAoJEGWal8nPKnlaHAUP/3IRy/1utqP0HXlLUUi/
5FLujffbZVHaKs1wMjV9DTSfkXc42A0InbiBgIEBXOwkhQlgpt73cHqgCyViw7nv
eYcw3zXfukhrL63ExEh9GrfRsAVNeBaeRStNkXrB/REipQZptoE6dtIPaTuFKIIS
IbQpqPCeNP7IQmTi/B/BKAztswG4hzLHiK2uZiz0nK3m91KlouQ/KJO2+vdkYUV+
nIdFR1ilh/N1gGytHqLRWDDBW8pIj5HWNW5Zl1lJTZD0II1FzckIgdBq5vXrPLwG
2LuYYacfvL8+VWH2Ibi7DB8c3cxNpXYBj5Ckd+S0Lt3FxELIOenRfSG3TsZ/e+04
dJHlbrghSUf9TEfc1XyoM2rW7uWptesPlA+7mdRhj8rOB1Tdy9q9vkjautLw26zY
avQMIfPBJ7sqwO4dPgrAi4JxyLqtRvk4ecYa0ppLYncZVDMbPLYdDH2EVn8ibhuE
hkjtkLi7eXBwS9ug4RUzC4g23eN7lqzBtcEnsqfUZ8YdeN0UgsfryzlR7sQk4g3c
48ZY5XVXxI73jWFfPVtcg//UJhHknypMsaBL3A0uJBJxtK9VhYMLBM1J6wEdJ2oN
D2CF9koFzxkgMqRQgCQl4JBdC+KEuUXXdATCrJt6SvGOxObcVC4QVdMzhBwwn4rd
tJUwFDzpvVEFP9jkKQIDFQk/
=uzgw
-----END PGP SIGNATURE-----