A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:security@synopsis.fr
Preferred-Languages: en, fr
Expires: 2051-12-31T18:37:07.000Z
Encryption: https://www.synopsis.fr/gpg-pub-key/gpg-key.txt
-----BEGIN PGP SIGNATURE-----

iQHJBAEBCgAzFiEESka6WPS6kvK2Oolx5FSIzUsiuQwFAmTVBMgVHHNlY3VyaXR5
QHN5bm9wc2lzLmZyAAoJEORUiM1LIrkMJYEMAJSZicS6TA3Ku0Aa1rfZ+lHs7dgO
ASV5mfTNtlTkeParlBgS8ByR3H/HEDL1DVdmYcip0/U2GSN3CmjtMi5VlAZNtVhO
9nzBrmkExcG0W3jA7VdVWMMOmNTtfNfL+4uHV49XCk9koYpPjSDmvrC6Lqyffyoe
gjeP7av9oTxVsX6VL2VGWEMGV6EECb1+B5Ng9BhBPK3NnX6KSF55Y5CdL0//WwLi
V+oGZ+X6yJlkdsUtVUXZVGHS/4gEUE+9E2CRB4FDsZ73k3kPxXThToCX8fhMSkmG
pZpg+P4YVkKa8ndNzP12vy6Pzc/dpf7ncAFfFcrvWvsXwgM/HohFGDqEaaWEu04f
cqvxhFqXOK7J161KRxX2R6OU0iBhcFGbMgNWzyLBjM4P6nDTnlZgTuA3BKSu7deg
8DnxeiXqaaY7t7FuEq40LjeFsKLij/8GsnF1RPkMAXQIDZ3YJNzi2FxnXCas4tA+
NfjB7wtlKcXzAB9OnOc/km0wBlLgO54/jdAGBQ==
=S48K
-----END PGP SIGNATURE-----