A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:info@b767.net
Expires: 2033-12-31T23:00:00.000Z
Encryption: https://b767.net/crypto/info-b767net-pgp-pubkey.txt
Preferred-Languages: en, de
Canonical: https://b767.net/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQGzBAEBCAAdFiEEThO2tVRmU5zwv12j3LgSPfGD/CEFAmS7azMACgkQ3LgSPfGD
/CHfcgwAi2Ywn00X8Xopttw19hbihCqkH92alfXdr0nw9qn/b0lTgwfQsEbJSuYE
I9cTeTzfqUHJn5s1kUcSadA2PCcusAcUbqFolbXEQB3vx2LTAraq5XYA3NR/BgwK
RjAzIMybsLAcpATOShw/hckQosRZCM+7g0+zgtsXvjF+ZJBMFsliVbkE/NbAoFwN
jC8+BCTPaagumqpHUoHju2+FSmG6h11jjHQubBECm2Pj7WPfhzkYaYb6sBEXYnGK
HWTd+UH/l/pHwk7nK9cPqGfqGLVFyBeW3c3yXM4p2PaQlPxEaqdsAIdKbRBjOw5K
SZrRUTuFrSvmKTbvmYQdM5760mthqXZCJjxeQzDspkpSdLMZniQcdop1uTLXC2gk
7p0CiszCYiYDe4pAKqWlxq1bFYYkEt1FcxnljoFZIexurOK1iNMhwayX5ajYZdS5
41GVsjZ911RUVRarD4VcAq4nOd2sLDz8M03iEOwvDZReRSTYgXZzThE5Zj+ESABs
jBsGDXfO
=HMMJ
-----END PGP SIGNATURE-----