A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:contact@pentagrid.ch
Encryption: https://www.pentagrid.ch/files/keys/contact_at_pentagrid.ch.asc
Preferred-Languages: en,de
-----BEGIN PGP SIGNATURE-----
Comment: -

iQIzBAEBCgAdFiEEoaktbRZzpi3+wNSVVjhvSx3yNX0FAl32STEACgkQVjhvSx3y
NX35Bg//RyoqGZhQDLMG4D68x1fixDvjkeCnoDKjf1fGg1a6QksdDQbcv2EEnPnN
Ln0YQovIHFH10NY7Lla1YgTv9XrS8VMxIh3WKEhlMCJVLaFABNY3d4y4bKQXuuDE
MU28Sq6X9EDwraH09hK+izoIhr1lwcuUN3ZbwciWfj1ZO51DHAunH5j74bQX+pUr
AWCmsfkSNWjLPPbvCrZK8qaoalpqmHqUjsehsHM97SxtTpQTWP5aJOl42qCCcsVO
sVEPwptSY5L4YlUnjAL/f14W0CiJINoUiXz2c5COs+se+6OzcxFtCk0z7LX+zUw5
+0XY/aIZV8/UeZ3h2or3rDbd32dhDEkTbQc2+CjWL5GmfK7FDzkYH9ieZ8IvdZZ7
Yh172wx3k/Gz2u2XQY/Ahu6d+utZBhzq63nu+xaZRs8vO1HPk6TKrzP44gD2tRi5
GPOWh7UyV0LEm8A02QqhpEbNHHgKNUI0SNavB0/Do4JnTo7dBzUjNd4bLvgXpvMj
mEAqxv+dKWFZmIR3pmhU2jU96eh+QtIeSavZ1e4vXfaO/YcPMbJMaAPYVeYLrWew
aKq45eO5E7BezVNIRVFy03+Xp0i12W+WJwvquDyzCQ2uHCsHTtaO/8+SUuDd2PqH
ZNBU0R+mqq0ujA7c1aAwTGJmQFu3SDM46kr5jB5j0Sdn7zfw9KQ=
=yhc+
-----END PGP SIGNATURE-----