A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256

Contact: mailto:security@roswellit.com

Contact: mailto:support@roswellit.com

Expires: 2025-01-01T00:00:00.000Z

Encryption: http://keyserver1.pgp.com/vkd/DownloadKey.event?keyid=0xDC170A044CEB1C52

Preferred-Languages: en

Canonical: https://roswellit.com/.well-known/security.txt

Canonical: https://raw.githubusercontent.com/roswellit/well-known/production/security.txt

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEjEaj8L9gP5caLVkb3BcKBEzrHFIFAmI7FGgACgkQ3BcKBEzr

HFLz9A/+OWDAMfogAa2nnrDlhloeYsty+vkgvTluzAZ1nrHZ0WXM26229OVRozpA

3QPDodJPhE1u2JertKuvX9ZaKzmLxeA9JVeWa9zPl1ze+ft5H+iXaQhjIMHmON/0

VX6k4uTRlAb2Hll8MskJeYEdT5i72YoKmFjt/kh+vr2bXaqaeNRVLHRLEznQrJ3M

Rl6gFm6ygfw0SMzKusP4gPscdyyr10iyWfx+gKzp8/bw+yaFp1EpN0J31DqJgymr

0YSIOqq4Q+A6r4t6NvOXNuxn4o2h2lGKWocQzprGBAI3vX+Qlt5s2Ca16GM8MHNI

KEFWeHJiPY85GjvBruzi/YJ9F7zcTsQ2g4j2Q428NRSlbBVxPN+JnznUTRMSdnE1

ykehrlYkDEk4AEx4Ja305D1fNzOjt5A4nHIY8pz+jofpHfAoPUTf4um4dkWs96N+

Yb81hMPpIIaooLFIkAjpwcxAI3KtCVAwKRGPW8kHtkLcx572UytsmYWZXm9UZgHp

hponQhMidvLjIHv9jVRpD+hBUrYx11LBiScV6uu2it+Oo/mawg6Eyar7f/IRNVLt

O6IZ5c4Cl7nZ0Up6kJzBf7J64ZlND3ZcqUPYkd7GQA/8f7/XpRKx5iSeuLvEaPxn

N+CGGIy54Wnd7366uQBo58LsukCgdr9X8cYUvgTXr8zGYJg8P44=

=H44S

-----END PGP SIGNATURE-----