A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@value.space
Expires: 2023-12-31T21:59:00.000Z
Encryption: https://www.value.space/gpg/security-at-valuespace-pubkey-92751EA161E95F8CFA05F0DBA63CE4D7B27ACE0D.txt
Preferred-Languages: en
Canonical: https://www.value.space/.well-known/security.txt
 -----BEGIN PGP SIGNATURE-----
 
 iQJJBAEBCAAzFiEEknUeoWHpX4z6BfDbpjzk17J6zg0FAmHVlucVHHNlY3VyaXR5
 QHZhbHVlLnNwYWNlAAoJEKY85Neyes4NdzoQAIyM2JPYwQZ2lm+erkPkse+jEkqT
 lOR0dTxJ6IxBG7gcb2ZtxkN0hA2WeJZ/cuD70hdmMLIrTF6ZE5mK5yHGyj7cT0Vf
 aIIltwzHoz693Eg2h1EuBRrLfGBTNq37qz2CjROmBA09P5Puj/hcRxfdB7qds+y4
 VC71l+1FwFvze8kBjSugkY1fXFbZWq6sZhCtRZedGKKA2qrKkXIlUlAxC/ZcKuvZ
 kqQzGu6s+AYILVjEZ+E5xTk1Sn9wfcjg5bZEl17VKy2iZREka3a2ETghb+DwbCy0
 oGOQLbSzRnvXGzzq5le1F2GQnKq3rqTTujCm5/HueEk/E5/iDurnF7mZ7JjYHbJ7
 8AOgqszLbYRWabF/WdfHz6HHzQ7e8M0FWWVjdS6IDkRzH71q1mqiSfBqlsjmlDk/
 aIAvVnitdv+R+/ASiLbWtLbVkQSb35X6VHDjaakjclwKcRQ1u6lCRR0BiCo/FwcO
 Y5pmYz6ZWDDnauybik/aHlCYVVhU+ajBiLgSywA2mFB1cY1vpwpwtnc+yrcuU0wR
 hkKl7er7Vuq7NoUaELSamDDQG6/aOy7hIuombzrkEU3UddTDQxEt2LU7t1ieKkou
 TjBWSGIj7a3pJXKEi6oNnUd2vPSVZaSDtmdNNst3aABwxcfFB+DN9wIaFPm94eG2
 +keD1ZuG47iIt4zy
 =fill
 -----END PGP SIGNATURE-----