A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@greenbone.net
Expires: 2025-10-11T06:59:58.000Z
Encryption: https://www.greenbone.net/wp-content/uploads/greenbone-security-team-public-key.txt
Preferred-Languages: en, de
Canonical: https://www.greenbone.net/.well-known/security.txt
Policy: https://www.greenbone.net/en/security-response-team/
Hiring: https://www.greenbone.net/en/careers/
-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQRg34Y8dSar2h+1y4evlJTaT1brrwUCZ/i97gAKCRCvlJTaT1br
r+ekAQDEmW0fp9W2ki4SO5z8hfCVUIlWJ8YnhXye2Z/a84irygEA4+FVuQISLAXF
S/4dlfhSf0kccWarZwMHZ2a4Q0bjUwo=
=EOCq
-----END PGP SIGNATURE-----