A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:support@inleed.se
Expires: 2026-09-28T10:00:00.000Z
Encryption: https://inleed.se/.well-known/public-key.asc
Preferred-Languages: en
Canonical: https://inleed.se/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQRAjfi5BRATKPVKvTTBIX5zB7//qwUCaQTBUgAKCRDBIX5zB7//
q0DgAQD6hMJOfTj6zyl+pdIdsx/ErzJKixppImtZ18pRVutsNgEAuqR9PeD3kp+D
17Vv8jj2BklKHOaZhTwDbuhkqfLHIw8=
=x+QA
-----END PGP SIGNATURE-----