A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Contact: mailto:fw@evermart.dk
Contact: mailto:cs@evermart.dk
Expires: 2025-01-01T11:00:00.000Z
Encryption: https://www.evermart.dk/.well-known/publickey.txt
Preferred-Languages: en, nl, dk, se, ru
Canonical: https://www.evermart.dk/.well-known/security.txt
Hiring: https://www.evermart.dk/job
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBAgAGBQJkUN3+AAoJEOPBjBxRbJ8QWvAP/1b4/Gs9HtMAibFsfch7IznG
F/TLgtuVYpJHNAKPhdCLeY3O5a5JuJ01jv5m+RqVQxR+y3jWA/QMlVK5osyG5KCd
QNfF3W0UG+2j/cx3VvisedrtZ8A4RyJ5Ut2X0DciWRTSpZPadw+7wwn2PLaMr0t4
lo8O2kz2d6NrNGEg1OvPNvRvBoMJLqTBvkK/T8QkFIGe9TW9h5M8JW/y7ZHw5Byd
JXnaZP/Hn8EkcrWLQyaAyasOvumRFFDx4pVByJEGsoFlzM973Byb4REwx5YkMw00
BqmjN/OHMG7XfAL7mTqvs2v2fFkXfrd3dpCcVPOQSdKXMFfWhIank99vsjCWrG2D
UmJu4X6VS8z1T8jhgiue5fuv9y9+Kyeo43qHb5ZaxMD40OHXwmeH5GOwrMDU+pi7
T5jYXeDkDmXEgbR5q4t0Saiy1NrhtTGIjzOiT8FQ0xYGUQfYG9FIe0YNK5Z42Cpc
FWbrVs8zTStnDY85hxyTl8zPl8B1Bj/ssr2ISuz6QnhDwBgEcLrr8RhC6K1kX4mR
71jjVfgxmxULvvLtkENYQ2EeEj72F4tkdpKtRdHVdRgvZUUDBaKObISfdgr+DukT
HOFthKm/oTsNopis644TIi0ZMeXNvHGhXBdXvQRS99EJQeiebgY9IOv3SSghbAay
pdk4pOOrcanJD7fSmQ9e
=2Jfh
-----END PGP SIGNATURE-----