A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@greenbone.net
Expires: 2024-06-06T15:00:00.000Z
Encryption: https://www.greenbone.net/wp-content/uploads/greenbone-security-team-public-key.txt
Preferred-Languages: en, de
Canonical: https://www.greenbone.net/.well-known/security.txt
Policy: https://www.greenbone.net/en/security-response-team/
Hiring: https://www.greenbone.net/en/careers/
-----BEGIN PGP SIGNATURE-----

iI0EARYIADUWIQRg34Y8dSar2h+1y4evlJTaT1brrwUCZIF0whccc2VjdXJpdHlA
Z3JlZW5ib25lLm5ldAAKCRCvlJTaT1brr7BaAQD8chD6Kj/y6paqduE4tfB2Lhcc
CsChw4Xsaw+uuDqI7gEAxeMbi/YaKXU22qPDWsuVBYvUmcSfbRRSW35KeJ4h4A0=
=JCKN
-----END PGP SIGNATURE-----