A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:security-reports@imi.de
Expires: 2024-06-30T21:59:00.000Z
Encryption: https://imi.de/pgp-key.txt
Preferred-Languages: en, de
Canonical: https://imi.de/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE/Z9mzXls2GUtnAg6oI2c89kx+kkFAmSVW3MACgkQoI2c89kx
+km1Iw//d1SV/HgnkIaGZQ/7VYV/ECQvZDm+JUmBnFWnRUI0CZKKo2cBvFsSxwaf
DqGKL3Ekp8h9A2UfcqPPCCfENbX5Fe+hvgzDGhVQfjAywuZeEj2cz5GHfJ/w/1+d
pQchPaU3IEVJ4v23uNBeDyKJdKI6toF+yRjhKomL8DXpVX6qeXf24yYdMCX7xt8b
cPBd/ah5qh5Zoqrc4wnXG9uizq5Coalvfx7QierUHaEr/ciIw/SqBriQkIsfHxRt
0m9qOhS8mwYjcTNhs4fEAQtLFId3QTXTekVUAPsDp7997163u/xxyGeSYGC4mQEI
OqKNolCpqkBpCFoMDkXSe7u6CgYreWkmhTR0OhzidIX4o0ej0fr31850YZwZq6wK
4mNKTKg31bKT49AqCzXay1ZyWYLiReyzDqJ/Dk3mkFwjozGlMxvRZUe7SGG+kO+r
qZSvwObLFM++m9YtS83LplofxbNCHaIvMs+pEHB013k9mDGiqPb5KvE4FeT9FlCX
V5Vz1Beamea/EqPoahgH9I9A/lnsqC0Hp6FODXquVZtvIKJLTtXa8spKXUrvqJEq
UhGXd4Ey7tw1piDglI9qZwztzLDgy6w7j9RA2Hk9U3WFuLveA42O8QLUmFs4H4Ww
8R3N8FPN1glVudpQO+jvb9Bc5Z72/0JNHH7B0/1WXYW6ttWafrQ=
=l1vf
-----END PGP SIGNATURE-----