A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

# Our security address
Contact: mailto:security@christiancopyrightsolutions.com

# Canonical URI
Canonical: https://christiancopyrightsolutions.com/.well-known/security.txt

# Our OpenPGP key
Encryption: https://christiancopyrightsolutions.com/.well-known/security_public_key.txt

Expires:  2025-04-09T13:52:00Z

#
# If you've found a security bug in something here at CCS, we'd love to hear about it at the above email address.
# You can encrypt your email using PGP with the key detailed above, if you want to.
#
# Due to the rise in "beg bounty" emails ( no, that's not a typo - see https://www.troyhunt.com/beg-bounties/ )
# we do not respond to emails sent to undisclosed recipients and "BCC" to us. 
#
-----BEGIN PGP SIGNATURE-----

iQFdBAEBCABHFiEEAGhU5lAIaqrosH/NjCKLVUaRZykFAmYWmaUpHHNlY3VyaXR5
QGNocmlzdGlhbmNvcHlyaWdodHNvbHV0aW9ucy5jb20ACgkQjCKLVUaRZyl4Ugf+
MYoGHxgoGTIm1dABEYCFikqd0l9fyqf9w1ZtoFmwzcP5UMBeauX7GaphOqJ7se1J
LplEB0grANkAPyo+gdeZDhGa7wr4q81JYvteH0lhBh2boPyMfcN/BYVKJK5I+8Cc
PA5B2t7tbVJxt2RxvIiKaye+ZlZAvityBa8ZS2erfl6ugBLGLWK/5OfU3x9RxoLM
TTMgCl/gvCIBowTiB1UQ8hGK/ZR1q+5ydxM5cced4U8A5hpxVx+S4aWnorzzsiWx
aSZeUeTR4BKQx29sAD0ylxZfy+FOoIuwTYWXWIyN6pVIpp6d0c1G2YnynK57xr75
kjm73t7HQgcJTw3n4voFbA==
=R1FQ
-----END PGP SIGNATURE-----