A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Contact: mailto:security@dalanguages.co.uk
Expires: 2024-01-01T00:00:00.000Z
Encryption: https://keys.openpgp.org/vks/v1/by-fingerprint/41E1358285ED7A14C68289AAD3A7D0E34D5137EF
Canonical: https://dalanguages.co.uk/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----
iQGzBAEBCgAdFiEEQeE1goXtehTGgomq06fQ401RN+8FAmQi9HAACgkQ06fQ401R
N+8MbAv7B/PGeq+buezy1W4SVqVdYHxr0d9FJO9AYJH6dYUeTcfAq2j3sps0R2dN
a+X529K+oUV+YztJYwWXatKhhOIJtXa9t/wFq8RLj2YdaVG42p69nO0YEM4E3qWB
Urks0Gbj68MA2px0zSY9TS0Tdnto+4k0Z3QFuG43UcgG0K8OEJrGnx5aXcWg27oc
sa2UBKNvEoyhTODGgzEdChXKpiVQtzR+u20Rqst9l4MkhjqRu8vl9xnV/vPF2Cd5
lcSgDZCQUBVs+MBOYnazjDPnx2XEPCD+dfLQrHFFJbjKkLHlmLEYlM0IBY0b3cja
6aok5LgGM/NNlvVMGV4HJGUznKnzmwTP3SjglsGxlHh+UE5/fs9yQCMt3Dglwx5J
w2f/YeDdTxsEF6a0pfr5nicTWb5wTQqDCZQYdq22IGBFvhS2iI3BZkOOPw3r9CQw
VJMCPXS2vGxR1QG9Jax5TDCOxH9jgiviTGnr9wEaRK4KyOdUv2T2gZunSXxcmE2c
l1HVqsij
=A9CT
-----END PGP SIGNATURE-----