A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# If you like to report a vulnerability at any of our products, please use our bug bounty program or the VDP.
# For reports regarding our website or other organization assets please use the VDP.

Preferred-Languages: en
Canonical: https://secureoffice.org/.well-known/security.txt
Hiring: https://www.open-xchange.com/about-ox/career/working-for-ox/
Contact: mailto:security@open-xchange.com
Contact: https://vdp.open-xchange.com/
Contact: https://yeswehack.com/programs/app-suite
Contact: https://yeswehack.com/programs/dovecot
Contact: https://yeswehack.com/programs/powerdns
Policy: https://vdp.open-xchange.com/
Expires: 2024-12-31T22:59:00.000Z