A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:niklas.baumstark@cashlink.de
Encryption: https://invest.cashlink.de/.well-known/pgp-key-niklas.txt
Preferred-Languages: en, de
Canonical: https://invest.cashlink.de/.well-known/security.txt
Hiring: https://cashlink.de/jobs
-----BEGIN PGP SIGNATURE-----

iQJRBAEBCAA7FiEECdtgde3BTj+i1yMIkQUhNhiYI3kFAl6EfJgdHG5pa2xhcy5i
YXVtc3RhcmtAY2FzaGxpbmsuZGUACgkQkQUhNhiYI3mQNRAAi92S/6XEQw5tr6WN
iSYUBo49Xb+MRIonx+cxo66O9HaYDfFN7/LMtPNNOp3DwmVUnKYerAwnlJImpvH3
Jn++/qE7lcXZbcGfaNjZ1pnt/A0pqDnpeUMIHKghr92z6s8o6C/St5Dovn8Azv9w
EwhqHRq/ypkb8FXRRrG2UxiQ0jv+2Gw6F7toxb+A9L+bufwCempz42rHsIU2Tejg
z8VstHhD8cCwqIQ1HSKf6iI+9pLpFWrYE2axBw1ujykYnSHKyhwTX356h0L5zGnM
4GzVc8/LMA0084dBJMU3+P0gKBnEceKVGwZf698bBAIZQyzVAuhW6/WJmoudkzXu
MwlwhXK/WJP0ZqXkmPVxYwGLqhS1UCatMNYaHT/izzfpsoElWoH99KlWZ0oJDTDh
sAIVc9vureQZCe1U/9ZPkVzpjhOrtibaLf6nG517Fd6hQT4qoMiSY/w5HmR+qGcz
LjmsLKWDzqhq119lfqod8i+zUFsS5OtEuITDRrOg8e0HelnACNu77f1wfeSUjj6U
qcl44m9tMARg3uvdN1BVrqMm0jSoBkOqkFWqiG1trxVAiTO8/aQtbRH+tfmNbmRO
aRB5SJqGIBAVKXIbNpqvFK4VRGLiBA6DC/YLyRYs8z3wJHO90VG+gFcFXsNsLEoV
VVVbEAB3d3chBBWY/sJkIa/s9r4=
=Cf6v
-----END PGP SIGNATURE-----