A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

# 👋 Welcome to our Security.txt Page! 🛡️
# We're delighted to see you here. Your presence on our Security.txt page shows that you care about security,
# and that's something we truly value. This file is a testament to our commitment to maintaining a safe and secure
# environment for patient and care team. If you've found something that needs our attention or have any security
# concerns, you're in the right place. Feel free to reach out and let us know how we can work together to make
# Doctolib even safer.
# Thanks being a part of our security community!

# 🐞 Hack the planet!
Policy: https://yeswehack.com/programs/doctolib-public-bug-bounty-program
Acknowledgments: https://yeswehack.com/programs/doctolib-public-bug-bounty-program

# 📧 Our email address
Contact: mailto:security@doctolib.com

# 📧 Our backup email (we don't read this mailbox in normal situation)
Contact: mailto:doctolib.security@protonmail.com

Preferred-Languages: en, fr

# 💼 We are hiring!
Hiring: https://careers.doctolib.fr

# 🔐 Our main encryption key
Encryption: https://doctolib.com/public_key.asc

# 🎫 If you found a bug bounty booster ticket, you might need this key
Encryption: https://doctolib.com/booster_tickets_pubkey.asc

Canonical: https://www.doctolib.com/security.txt
Canonical: https://www.doctolib.com/.well-known/security.txt
Expires: 2024-12-31T23:00:00.000Z
-----BEGIN PGP SIGNATURE-----

iQJIBAEBCAAyFiEE5GTrYu74qzWNwjWG2NEuknv6C14FAmULZwUUHHJlcG9ydEBk
b2N0b2xpYi5jb20ACgkQ2NEuknv6C17TyA//fuh55rfU4IrRW0ZJI827ZY2GpTS/
fo15Y/C5N1fPIeT9n1YXSogpycN1tuBC0L4UiIcvHsJM8TCwDMjSSUS5OiUjKoVO
Ts5d9VmNcJVDqnsKu8DJ1uaxhE55X1f0JuYyXm3VAn2XxNPgcjTc5ZQ3Zhw0wnf7
vszEmU80LY0Q7RkvmmG9zrRb9MPFF4M45OG8aPU/7IS6AnwXP/6x3nKQsUuo4BYS
eqUWQrIKvSJ06/471hG6YQLbBFVcdL0k8xjqwyVJOTOKrSbieXZ5COUEubJChwCj
Ph9quNw7vheCFRrKF/pEn1EDSqWgYforqWXGQGa0/WHevQW6lmA6f3GivGA2Ev1F
N/afBdFN6eaMK4tBuKpiWbVYmJ0ISfbTwKpnWEF3giUvmpa3IiKshBOt5KfJbv7p
tOzcXzV1HdfFw+pqflJhc2qmkIe8apRnpb2jd50Pp/96I/NhnxTnn10kBe7uDkMY
TcQws2Fc+BawXTzkMgGssBf0pbhcvhkh+T1Pg0XzjJp/8FCE82upYpTuLrSz7/+0
BEYWdqakpeRxhBVI603zhED3FDWpG+qRkAvOyn7w3lDkwSKfYADcibLycIK67USM
zwJ4OPFVToaNNRKxkS4jo5NjrD2iL/IhjDwH9i8xpdhE2hEEbB1az2jn98/3lgoN
O3Z8IqmuQGmFEg8=
=9ggG
-----END PGP SIGNATURE-----