A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

## The security team appreciate your interest in the security of JP/Politikens Hus or subsidiaries. 

## Please use the below point of contact for security findings only. Sales or vendor requests will be blocked. 

## Please send relevant information about your security findings to:

Contact: mailto:security@jppol.dk



## Please contact us in either Danish or English

Preferred-Languages: da, en



## Public encryption key can be agreed upon first contact

Encryption: Shared on request



## Bug Bounty / Reward Statement

## -----------------------------

## JP/Politikens Hus or subsidiaries does not have a bug bounty/reward program and will therefore not offer paid bug/security rewards.

## We might however offer a token of our appreciation to security researchers who take the time and effort to 

## investigate and report security vulnerabilities to us.

##

## Best regards

## The security team at JP/Politikens Hus



## This information is only valid until:

Expires: 2030-12-31T00:00:00.000Z