A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:it+autobahn@tpwd.de
Expires: 2026-06-29T22:00:00.000Z
Encryption: https://www.autobahn.de/.well-known/gpg-autobahn.key
Preferred-Languages: de
Canonical: https://www.autobahn.de/.well-known/security.txt
Hiring: https://www.autobahn.de/karriere/jobportal
-----BEGIN PGP SIGNATURE-----

iQGzBAEBCgAdFiEEIt2oQCxKkDAKBiEPjdPsw5sLGI0FAmZxUBwACgkQjdPsw5sL
GI09wQv9HjlOtQy2kOA7saGKhT+s1Fjb4iPjL4z2HwVJajfa+rwWZuJheY46QERB
QkaEWtD1bdOmUPJGAIvQNS+F+aMaVj0xGbpkgP6Vrcj4xy0t7zPTHFRALUpD9Tal
mlU3tHMcR4rAe+BB8E+k7olUDd80V7x1QHsRkCMI9alKrfXI5xSjoxVVEKkRNQ4T
YoGabq5Y7J211HHyUPSFu4e4hHyT8JUDhS0ArOQu9IwDP56PFRTO5y5FE4wDbh2n
wHb4PjBJ++MjZTDHpABauVQGfCCvNdmP7UKavVD7X1XaLRwAARasuJodggLhfJUH
QJYqhUV2YcdSd63zEf89HZ5K3VLqbOFwjDn95vucZBgyvmr9hvHe3TEEFORc7DkY
v/jFxgczo9/JWCYy46d4xFe+/uAXl1P6GjKkwyQVv/l5IN3Gi7UCYqHei01XosRL
YcP3KNKSvy0WNyi3V+glfH6SOim9YDZ+vLguvzPk/WcEBPuY71qlR7LPsOJzrak+
r2LTR6bx
=D9Rt
-----END PGP SIGNATURE-----