A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: it@iurio.com
Expires: Wed, 31 Dec 2025 12:59 +0200
Encryption: https://iurio.com/downloads/pgp-key.txt
Preferred-Languages: en, de, fr
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEYQpwVarxQbZOFDUK0kejsrgeF64FAmCTlicACgkQ0kejsrge
F65hag/8DOwiEkRzVwpLNFHED8y5l6+vG9IieENKU74oC58TWufHtoapWAKvd1ZF
N0KWsMR8XMIMydcDGUZxZutYpTDGl0EqSCLBt8v/YJ/oadUKJIjk/wYehkkJJ1Bj
CUt5EXRdrhgkUBJw8tGjPFgK3qlWHRcufpk0I8FJF8xPnGMRp/e0ihpiGcSnxEU1
ofUJ2dfGe6fAhEx3ccHwiUS2SXedO9YaA/2w2IU+kyfTzrgmxfufo0f7KOWuD2sO
OxvH51yaLuTyr4gXB+HTBZD7kjQ/0rC6JWBJhEVfE3viXWQ76/E2kQFiWanmjcGK
kZTb5cBof/EyPN8DS6NU1vv7crWQN+Q/P0OYj+yAOZKwCnQJTGqkW5BUoKermWMl
3cJ8Wy9zsDsaYdPXE1dsXIIPGYIYy24UlwpwdZjnjdAWFepFjR/q8vj18bPSeghs
YN7B1oTh51SH2l1x9QGU4EgexYKuchsZlthn1MBf3oIbOZQaP7Cg8IHCkxDJ6/MI
EufmCDDTCs1wIysKKPeUSrcYvXq5t6rBKHA5ntyYS7F6DGaWnKeDcmCcmc2/vpMG
ETfoFRf9aXOCVszMxitpTeU3RsKjEzKqn1AN/S2Z8uM8vE53fIVQ7JD5CNxeb01x
5Eb/lojP19ggnfpsihU3fPKexXOR37coevB3bgy4aLOO5cX9Hh4=
=qoaj
-----END PGP SIGNATURE-----