A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Canonical: https://sasahivi.com/.well-known/security.txt
Canonical: https://www.sasahivi.com/.well-known/security.txt
Contact: mailto:websecurity@sasahivi.com
Encryption: https://sasahivi.com/pgp-public-key.txt
Expires: 2025-08-18T23:59:00.000Z
-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQTpGQZVsZX7gz9L1wGqI3Ie6JYU1wUCZVIrtQAKCRCqI3Ie6JYU
13SzAQCNcMzei+XhJ5yMHn7iPSTr4+vaJF1Z4E05rvxVn1ofHgD+Mwr1e4YZBP5G
hpgayF603pf+aOOmdPygJFbyN/mUCA8=
=RDoR
-----END PGP SIGNATURE-----