A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
 
Contact: https://soc.beiersdorf.com
Contact: mailto:security@beiersdorf.com
Expires: Sat, 28 Feb 2026 15:00 +0200
Encryption: https://soc.beiersdorf.com/PGPKeys/disclosure-pgp.asc
Preferred-Languages: en,de
Policy: https://soc.beiersdorf.com/disclosurepolicy.html
-----BEGIN PGP SIGNATURE-----
 
iQGzBAEBCAAdFiEEV0vOWLtZptoJG8i/DO2/5svCx48FAmCLrqsACgkQDO2/5svC
x49i0Av/RUdhPOoUmGzSAWnGQFW8UGTiMNP0EiofsUASEIGkaGKqac/RbFpNgq5h
RaKmu2V+0pkrBAb1d/Iv3ehO7nB6VuxM8NMWYLDcs5nvkyKkndam6Qz/6oRt15ZD
IZxspdiZ6pIHYeEcIGL1U/Kc1vOBG+DKZmiull0pqUNrnzTSjpVGLqrEUWMPuAgi
xARGpbsnBkOardrW1KmZiMgkYCKnqFJ/YDDQXJMgAgsq80UAWFGjpceYgk3pjBVz
LX1yMQnQAzZKaN7xkmyIKUl77sVy4pSDZ3cqk5ylj3mTYDwmPBcTncfTuO4t/k7m
fDabJvFLp1QHltL/Ec3y2/lPe76VQc0f5HH7Nsjc5rI1vZtEIzhdl6Qs3XwjPRvM
zhpph+ty1Kd4xDiOVkXLUbK888hThhWS7DoHziMTdfUtaPixiTqRVfRTVMFBgX4p
J1hNY/d8QCtTMJD1MZQlDebFR7pmCRZoE8bk6bMk0a/aBxBRCnUvf1TI63yh4og6
qPPdulQ1
=SlE+
-----END PGP SIGNATURE-----