A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:root@mihgroup.net
Expires: 2027-01-01T00:00:00Z
Encryption: https://mihgroup.net/.well-known/root@mihgroup.net.pgp-key.asc
Encryption: dns:4813494d137e1631bba301d5acab6e7bb7aa74ce1185d456565ef51d._openpgpkey.mihgroup.net?type=OPENPGPKEY
Preferred-Languages: en, sl
Canonical: https://mihgroup.net/.well-known/security.txt

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQQJmc6pkpH2UmNVXhTN1VQ6XSEfLwUCaVW5AAAKCRDN1VQ6XSEf
Ly6xAQDD3r0lVwgbWKg6AnA0N8RS0DcBSwDLxsYSn4CW/wZfNQEAi5zOUR6Zwd53
dqQh2vUCCeMXmD7ugS3kOrH3KikVTQY=
=UyPE
-----END PGP SIGNATURE-----