A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:heverton@hevertonfreitas.com.br
Encryption: https://keybase.io/hevertonfreitas/pgp_keys.asc
Preferred-Languages: pt, en, es

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEzNdsN/FK/1afPRGKvsfrA/bOxYEFAl6E3boACgkQvsfrA/bO
xYHklA//YWKa5DWRglTfd8Bv2TRXiwmHKSKaz2FR46kDCVBw0qoctjh/BI0gtPqe
vLGunq8vU/pdOL5sjg/OnWfETY2UWEkQDozHQIn7ZM47V+QTPjIW9mike7WcsF5V
hkhUGf7Yb/09s3OfKQ/UVs1hWWVXNedLax0O1DvNOCUspSj1Jg74SG+xuMs8o4qS
UOrTfxYxOhcargUTctqAyY89MbwA4PqAPfYq3a3xoGiMvPRE9GYcuua/n5/7Y/8p
NipXJUvxdVvOBTP4l5FOx/ZPD8qc6Xli0kFkc4906VRIVEd/6EAKiQkir5OJ5kKb
wDorhKhizvyxI5vw2W3Xbaam0YLS3UoIFPJ9PcKTSdyHefmaXBRQ/Sm/2mdKjKs+
/iol/YXgkM1Uhu7llPRfclgamlAjzIxbdevK5e98nj6RVOB64t5Op/J25ctX2nyi
4B4u0hPbYP/PxAOur4H0F2HYys07dZ0Y1YTcCh0lPS61HAN1wJ4koJ79jo4/wqoc
1vDEMz02ooCnTZH2+sxKBCUWpuXMOGzx6MRNZ5rPXu9GNf2J5GiF7bWyCybir00s
NnQ/mruo6WFyHWWJnxW46hJ7cqdfWGc5sJJ3xf44P1/L2McWOFQyNGdEdpr7xSIC
OjMsCzHnOquRmtMeX6Oo6AamWOVfgz4DnUGL6R513xQF4kYt94s=
=Kvlz
-----END PGP SIGNATURE-----