A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# Security Policy for MedicalRecruiting.com
# Last Updated: 2025-10-11

# Contact Information
Contact: mailto:security@medicalrecruiting.com
Contact: https://medicalrecruiting.com/contact?subject=security

# Preferred Languages
Preferred-Languages: en

# Security Policy URL
Policy: https://medicalrecruiting.com/security-policy

# Acknowledgments URL
Acknowledgments: https://medicalrecruiting.com/security/acknowledgments

# Hiring
Hiring: https://medicalrecruiting.com/careers

# Encryption
# Our PGP key for secure communication (if needed)
# Encryption: https://medicalrecruiting.com/pgp-key.txt

# Expiry Date (ISO 8601)
Expires: 2026-10-11T00:00:00.000Z

# Canonical URL for this file
Canonical: https://medicalrecruiting.com/.well-known/security.txt

# Additional Information
# We appreciate responsible disclosure of security vulnerabilities.
# Please allow us reasonable time to address issues before public disclosure.
# We aim to respond to security reports within 48 hours.
# For critical vulnerabilities, please encrypt your communication.