A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256



Contact: https://sangu.email/security-contacts/

Expires: 2024-04-27T18:00:00.000Z

Encryption: https://sangu.email/.well-known/secops_public.txt

Encryption: https://sangumail.com/.well-known/secops_public.txt

Preferred-Languages: en

Canonical: https://sangu.email/.well-known/security.txt

Canonical: https://sangumail.com/.well-known/security.txt

Policy: https://sangu.email/CVD.txt

-----BEGIN PGP SIGNATURE-----



iQIzBAEBCAAdFiEEADFld+93oROZVPUnl9umEVMmPpYFAmJpixMACgkQl9umEVMm

PpYOdRAAmqvtPIQih5vXaaxhPw15eGnfTlGSJFlo1ByUBIiq34+RNllt8/dv54NB

q7k8fP3inmiolPLe1iuGJ4vK1Xu+UCVj0Dpk2DkfoUMNKjSAWGRbWkdX5uQrPnc8

MOFAaizGXrSufuyDjnzRoCBzXqfbV0vR2pEiJuuMu5uRFVVAk0vvJly9uxJWMYJF

+cNNMvhauhe5RRfKmnO2UJV9RiskVwUtuVH+f6neNFeepkt0sYkibhRD1bSSoUn0

xQQtB6Gson9rzLLwIxUjeUbM6iCUADe+VWR8f+altUO58AB5vd3y+2LnAceXCxLQ

lAfG1Oorzmgju8eM09toBC96dh8kpGkUoGHL7WBN7HWG0uWM1nnZoWzwZD/vDree

eHoHUaCZ5rj0T92qLJ0KRhFbXhycFoJTsWltHAFKOO9mWDtoLerfXimQ3RC22jHu

fOuUAgc3UDQ3DZH8ZHWC5+R89l+MHLZCaRgJLkiovtxzhkcNJifcwoltxWMBGwSl

+SjUqmlzv3vdFVAZSptEPSL6hDFhTIO3lZpM3fEIP1amvzMpLsydUAtK72EKE8KL

xcU05LyLIJdSBtJoW1HpAgBkSV8u6UUf2TxLuDtpa1nXEzsCkVpzIY7NcOF1vckt

ZqdYAGG3qQVKgjYdEc7UPxO704I3EjuAsFJh18rOE04G5gR2ar0=

=8VjP

-----END PGP SIGNATURE-----