A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 # Our primary contact and reporting method Contact: mailto:cengage-vdp@submit.bugcrowd.com Contact: https://bugcrowd.com/5c0e9d1e-e7a2-46c5-b6b0-af424fe4aa8d/external/report # Canonical URI Canonical: https://www.cengage.com/.well-known/security.txt Expires: 2023-01-31T17:59:00.000Z Acknowledgments: https://bugcrowd.com/cengage-vdp/hall-of-fame Preferred-Languages: en -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQQzCIqyycKdOMQiURwk7JjYsxZiRgUCY4iPlwAKCRAk7JjYsxZi RgixAP4meRWd1rP7jYMKfYK3Ncc/ufae6/VTjmLmBQMKUSe2FgD/UaFS8XAgnUQh KDQojA4H9hVhh2+zNHXrfNU6oyBq3wA= =dr5n -----END PGP SIGNATURE-----
This policy crawled by Onyphe on the 2023-04-30 is sorted as securitytxt.
FireBounty © 2015-2024