A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
# DSB - Please use the below point of contact for security findings only, if you as a # vendor/salesperson contact us directly on this e-mail will we mark your e-mail as spam. # Please send relevant information about your security findings to: Contact: mailto:email@example.com Contact: mailto:firstname.lastname@example.org Expires: 2025-01-01T11:00:00.000Z Preferred-Languages: en, da # Our security policy: Policy: https://www.dsb.dk/disclosure-policy.html # Our OpenPGP key Encryption: https://www.dsb.dk/pgp-key.txt # Our security acknowledgments page Acknowledgments: https://www.dsb.dk/hall-of-fame.html Hiring: https://www.dsb.dk/om-dsb/job-i-dsb/ledige-job/ Canonical: https://www.dsb.dk/.well-known/security.txt # Bug Bounty / Reward Statement # ----------------------------- # DSB does not have a bug bounty/reward program and will therefore not offer paid bug/security rewards. # We might however offer a token of our appreciation to security researchers who take the time and effort to # investigate and report security vulnerabilities to us. # # As we are not a part of a bounty/reward program please have in mind that if we detect any suspicious behavior # we will respond accordingly # # Best regards # DSB IT Security Team #
This policy crawled by Onyphe on the 2023-03-16 is sorted as securitytxt.
FireBounty © 2015-2023