A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

# Canonical URI
Canonical: https://app.regrid.com/.well-known/security.txt

# Our security address
Contact: mailto:larry+security@regrid.com

# Our OpenPGP key
Encryption: https://keybase.io/glowland/pgp_keys.asc

# Our security policy
Policy: https://regrid.com/security

# Our job openings
Hiring: https://regrid.com/careers

Expires: 2022-12-31T23:59:59-04:00
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEiUiQ0T42k2OMbYLHLpoggc5/G+YFAmJ1pVoACgkQLpoggc5/
G+bHLAf/VooE9Gl7Xsfns+8bW1b0PuUmDnBS9WsayN0NGDn5YSA6SNf/x5rnRL53
lIvdhyKqbX+mcvpU5ujfS+gfGQWl3Hu67CWab/eSq5dPRCt0j7Ux2HJhuoQ3Iwd6
uKGV6n1K0vNfFxH1+DZl7fm3bodf/c7WRLEyp/iBgplrje4EAnKnwZ+sSkf08Yj3
0ijNBHzB1hDBjtfdjTufiKMAF++MJIM4B6EAWDLKvx3jLAKriZbECY0GQTE5HvkE
HK+IImiq/gbBx/rjQZ5/jgHcNWB2HN69UmReieTVavuoWyvjY7Pd4jXbkELAxJRT
TZslNsgBFaX8Cqli9XrDLeoA6NCDOA==
=ZrzB
-----END PGP SIGNATURE-----