A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# UMKMall Security Policy
# If you discover a security vulnerability, please report it to us.
# We appreciate your help in keeping UMKMall safe!

# Contact email for security reports
Contact: mailto:security@umkmall.com
Contact: mailto:info@umkmall.com

# Our security policy page (update this URL when you have one)
# Policy: https://umkmall.id/security-policy

# Preferred language for security reports
Preferred-Languages: id, en

# Expiration date for this file
Expires: 2027-03-01T10:52:25.087Z

# Encryption key for secure communication (optional - add if you have PGP key)
# Encryption: https://umkmall.id/.well-known/pgp-key.txt

# Acknowledgments page for security researchers (optional)
# Acknowledgments: https://umkmall.id/security-thanks

# Canonical URL for this file
Canonical: https://umkmall.id/.well-known/security.txt

# Hiring security professionals? (optional)
# Hiring: https://umkmall.id/careers