A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

#   __     __     __  __     __  __     __    __     ______     ______     __  __    
#  /\ \  _ \ \   /\ \_\ \   /\ \_\ \   /\ "-./  \   /\  __ \   /\  == \   /\ \/ /    
#  \ \ \/ ".\ \  \ \  __ \  \ \____ \  \ \ \-./\ \  \ \  __ \  \ \  __<   \ \  _"-.  
#   \ \__/".~\_\  \ \_\ \_\  \/\_____\  \ \_\ \ \_\  \ \_\ \_\  \ \_\ \_\  \ \_\ \_\ 
#    \/_/   \/_/   \/_/\/_/   \/_____/   \/_/  \/_/   \/_/\/_/   \/_/ /_/   \/_/\/_/ 
#     

Contact: mailto:security@whymark.net
Contact: https://github.com/daniel-whymark/whymark_dot_net/issues/new
Preferred-Languages: en
Canonical: https://whymark.net/security.txt