A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@herkulessi.de
Expires: 2024-10-10T00:00:00.000Z
Encryption: https://security.herkulessi.de/pgp-key.txt
Preferred-Languages: en, de
Canonical: https://security.herkulessi.de/.well-known/security.txt

-----BEGIN PGP SIGNATURE-----

iQJLBAEBCAA1FiEEFzPUCAmjFP3NpB+EeFVvdkquNTMFAmQ9txoXHHNlY3VyaXR5
QGhlcmt1bGVzc2kuZGUACgkQeFVvdkquNTP7SxAAh0v8lXzP7NkeISvqyz+UoQsK
Mb3GgkCzFyCVoJInRl2xMhKlIl8MeO8hsqskzdZ3RK41JJKbpyoypwlbg0tAn/3e
pS8OmLaIQ2PJu9v+jvzbwiv77OApOGuXQ3guLcjcdV1+MDmk9Ll/D692z5s/jo+/
wQgfoZdNY7cOOrR30HlFPdiZY3FRboZMvuMz/fbLrPfxfODX0yLUbhQTayMTrSvn
nHUOKcD28kk9ZpOKHTiF2+/ssxHcvX8RXYyEur9G8lXnhKnAcMoco0EOsKM7w3+N
OhawlXdKM17wqaBJWgWRfLrckfaqkEDqwRMER3uX73xwQFhXkI2/pAANAybCh5Tx
ydo5XSNaA9rmlFlQ4o5t+jnV8rHqzE2j5VpA1+MV9ELVj6X8S8B9j+/DM95X/U+b
4yVbjuGAcgfJKu+veLVZGqfXbpADBgdZQCoKTRWikWLxq127Xdd7bmbgf+bbKIDP
k2rxjrp/DNj8/jrocnDbrRetpzc9DyhSbFgpp03dlAxQ7QHbr5CLYF5/FFLZLZFn
cySN9VpKWDLmLNi8xD+/gGXq1PyjuLbrITacpR1WLQS4uhlt4aQgYLNtXi6W49XM
eYv6tQ+ZNbl1Mh1eA7Hjng1ALNENKkCPuUS3Ua5obIHYyZwjRH/dMY3c7ckEHTeh
g5w27ich/yuL7ICoPDg=
=d5aj
-----END PGP SIGNATURE-----