A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:info@dus.net
Expires: 2024-02-29T23:00:00.000Z
Encryption: https://www.dus.net/.well-known/gpg.asc
Canonical: https://dus.net/.well-known/security.txt
Preferred-Languages: en,de,es,fr
-----BEGIN PGP SIGNATURE-----

iQHBBAABCgArFiEE0X6AqO8UH5ShdHh/I1jxY0exKpIFAmQewHMNHGluZm9AZHVz
Lm5ldAAKCRAjWPFjR7EqkpwEC/4wbDCT5YsES0dx5y4btc+2joDVsUuzFoRmPRmR
sCzo0ku7rqZ86tIaKA9EXIlEvqHB8RawwbCP+PtPgdz1p/i+8wXPM5NXpPQTMsG9
rblcGOnCvdM+bAMiUPwOR33A+B5EFLVDTs6DcY3fvPgT6ddHaHnVi8PXORp6nFVV
2S8Rx65r2GvKyWQkMl/bMpv4PyspjbkX/a56HOPVEwtCq+QoHjGQtcUPFzqSUXeD
GtAhYzYOrEhIIqy5cMLuovyjZz1DdOtBpyrabXX5C0mxzQgcL1py1hKiWyDX+KwK
t5bMp2yMFtGm0jCb5RiAJelKpWmzzTVwu4waYWf+39OG8Gn+AL/c1yokDk82ZF9t
0rNyGDEgGcvtM3xxIvRbfZuEX1ld4cnsYv5bbXoKK6wEEO7x1uNCYB9E9OM7JjkP
pD47ymSbzFAQ5Q4EwL1TDzVhbqiPJbqwSNqh7KPOLDBs8nSgJFjOUSyjy8Ui0Nl8
s/AUIWIUraC2os52WWzQqa6QcSU=
=CTre
-----END PGP SIGNATURE-----