A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256



Contact: mailto:security@max.se

Expires: 2026-12-31T23:00:00.000Z

Preferred-Languages: en, sv, pl, no, dk



Encryption: https://www.max.se/.well-known/pgp-public_key.asc

-----BEGIN PGP SIGNATURE-----



iQIzBAEBCAAdFiEEYRq7yDU4/ChRT2kXNzUvBN/ksFoFAmkEjBIACgkQNzUvBN/k

sFryag//YiEPoNFftIBEPqxIa+2Dxc88bEVNnwy/44xXqQ+YBAHIXE5VUJm1HrOj

4O8+7sYFjmvAGNy20xZvyaPHjht5PmBWReiImLM/EhWTZf6llgVZGEpWttV/Wnep

/JiLPKNKmOWWz97aCZSfeIuCNh0Q23x7QDGovABslifPV3qyBRINEIxs8H1awOjo

GCCLM91t2MOj7GKPqK9C1hJyqARKabjg8Lhk6vh9Xxzhtce/J49FYJRV8ltoPAbL

d8vlZZYuyMoR/nUeyDnXijn8lMDNZKgcsNmRyTlmdLocOl/4XntF6uohIBp6YVqz

qYhON6KgJZZHH8VaLGBqJOGb0GwOsvLf+clYsuuWprF7FjutwxwAYeihork8gau5

aLY3ijBCkQNYRR7k7yQINRIYqXDOHt69Xcw5FYzFa+Em0GKO6oyRiNHf1MiDJNcE

Eah/kGsBNP5pJxUp70PWU864cVzP42tq3GtglovFCnK5TxGnIaFySQhBshWI9Q8R

oseQj/nN/Wk9bWHXdXIhrRXaRAT2mkWdNaR+eVfbk21xEzIxjCo/ryE41pF57nrz

2C4HFQatJ+j1pbPDZQxcMCuKZL2VmiZFKAXAVnR2z4CikXY70oIcG654YA5YDbkH

dHQH23KjJItbr3Bi3trL/CvRtDjKQ3KLWrtlfmOk+JPC9+zOEVg=

=z9wH

-----END PGP SIGNATURE-----