A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:nicola@nicfab.it
Expires: 2024-01-10T17:00:00.000Z
Encryption: https://keyoxide.org/073f79051f748925356ca15d323c24ca7940d382
Preferred-Languages: en, it
Canonical: https://www.nicfab.it/.well-known/security.txt

-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEEBz95BR90iSU1bKFdMjwkynlA04IFAmO+hWQRHG5pY29sYUBu
aWNmYWIuaXQACgkQMjwkynlA04J0lw//XCj/2URl8ztflOp6wXIc3DWTmAl6SzeK
3AfItPgEAF4OVG48bIqEuLFhuGouvd0BEkGYvZyMdjkuuOgMHzJit4B+SvAuH2BK
PTowayP7BW6mKc47SFzmla6iMH82hATyo5iM1KBNmXqy4jfIirTu1Nmd0AWk1Dh5
5fn+ss7TbU1RF/bJWGo1HLCYmIb/9km+ktownLIVGD2i+dI7qnEa/pUl9qyE5naK
GzekdJSmxV2MnwWzm52VuBn0f7zx1NMj416PvmgfnDvS7epVe1eI55O3eM/6hgBz
nKF/xrub10KSw2ub/qU8IiDkr60YK+6UqdgvQ3lsp1VHfQBCXxvF/L3p647mzb2M
FB4ggIkJ8QjPgz7RhGC9PnCPDpfgNgdcxQjWbYLsaJ43Rz4YkenYXQhRgASKODW3
XW4d33DOyxaAaMnipqwzLdUdM0zwu2E0rVuBL0b/fARZZ4LLgujgWw7lxfygJ942
xFeWXSeVHYCciXumWCKCNv/ZAYHdw+pLVaZET6znkjZUQg6opb5UBZJ2CSOKiPo+
xDm4U80wpo6fJ11EHXjVowSABzkuzxvU+Z6QqJ3jieORJY+lBhvuEptn/TcAH0vc
JNzCkiYRY0/RMBwTS79kML+x0FSyCiVCb38FNNk4qOPVQX8qaZr7oXI5ezfAuaN0
bhZVID8J09o=
=K1md
-----END PGP SIGNATURE-----