A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@venntro.com
Preferred-Languages: en
Encryption: https://security.venntro.com/.well-known/venntro-security-public.gpg.txt

# We recommend encrypting your message where possible, however please do so with an ASCII armored email body.
# Our mail system doesn't handle PGP-MIME well.

Canonical: https://security.venntro.com/.well-known/security.txt
Hiring: https://www.venntro.com/careers
Expires: 2023-09-11T17:00:00z
-----BEGIN PGP SIGNATURE-----

iQJJBAEBCAAzFiEEABQ58FnxUxeZ4bwFvy8hKOyUNLIFAmNFldQVHHNlY3VyaXR5
QHZlbm50cm8uY29tAAoJEL8vISjslDSygpUP/iU5vq7iSTETE2cEpKfC6LrQedCQ
MlkVh1gT570IwnIW+RSHsyE3howspcY/xwPK24RKU4+Xtwag7hZCQwL2ATUh5L9R
W4yIR0dHc1lMlOUGJD71JjrTp85Hde9xDTRQOLYrYkWwHDgYCfRWYnClpSzGdE8e
+9+9WWGRMlfDrx9ROMGBJHJaoKQLGx3Vac4D5grxjMdLe/x2VvfaJqiR0hoGaF5O
VX2Yj+t4SNpcVQRm3mdAnPUSodsWbSegn5GLoGg1HLOE8gVlGvkd1mwQ18/LzxAc
apYJC+g1hpfqxLQMcVIWUNxWzSbLkTaq9Fl3x7wNmuNNThlxJUvFnAEKjOOePe3Z
7kzbUiet1/PKOU87c3x034KWKrHREWHASLq/3W62MPJ07GVvKmzua7YJc9wIVwZb
Y6qT8UuvGUgCLpWOeTnfbx9Bjq5mhSAMDexdpY/PXvpxXIV8w7yG81a1tqJVBh8w
qCUEYOr9FO8ddCznayF+qOvGj98nhKnlL7PX8cdFDgW/i9UG6UiAu1Hh/etTFToQ
RnNvsJFuGnh8cR7lEnMaTA3jVQS084X6iJfJE0g3oSaz3CKI9BLnrUvspBdMXcqI
rKwmHajuHglVrYCbXB/80HVbbB7vwrBq3NIAGU8YEo5Smo9P3kIi6wycvZu0BKis
A+a3ldAoMtAzqnbC
=wyxe
-----END PGP SIGNATURE-----