A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:jakob@jakob04.de
Expires: 2024-07-06T12:00:00.000Z
Encryption: https://jakob04.de/jakob.gpg
Preferred-Languages: en,de
Canonical: https://jakob04.de/.well-known/security.txt 
-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEEgB/aUSCKwjqD8vslpWRhuPx6NQcFAmSm2t8RHGpha29iQGph
a29iMDQuZGUACgkQpWRhuPx6NQeZiQ//QG3Ux2GKED45iO4K2b42WPiYUGjW8nYP
KN7GnSVmJg1+5GoAfKciqDPIJKV26aAe95gxFKnsQLY2o1r8SzH0Ih9gsVvzUeMU
5iD4Yemv8/m+cwvefdlmWiLD9WezfVXlbQA0wtWMibF99u6TL9+HmQaEGR1czz1X
6UA+iIqVt5rYth0pT7Qyio7PM5v7/Pi3duGUY7Z+n7hy4eR0deSLFC8n8x0P5ehb
5KIy2rJuZjuTUZSmpPZHZKEEtV7yTL3Fe0Yk86kemc+PZArjVf90tXM4u5YBDvI/
pCERGUMSV3XJoPua+A5OoBFtdkQqJOBIi2Eleeqiue6Ns9eJEnmGP9G72e4WOgTb
K0hUifeDfw3tOiLQPtVCfZZb8VLYRuPmbdaIPhsXLqJgt0jcorziCJRvQ57hE615
X2bTxS9SdBb4xW+g6HUDIxWRZmrOPWVn/v/xB+ZXzDqWaqA5wQFYeTBJXU9AFOKc
sbQYjm2PuR4puh2qo5Q00J00sof89IfOeVPxDddl6imUkrJOXqfo3Wv57JLNSvtq
grgdbbU0n8kBEUjm4TLAxiS+j+ie5+WrnnX0LiFaPSsTVi/HZHxSTHffxQg0VBJ0
hRXIALw5DrnyDtsKbqkAMaeeoI4Qeq2rioCyeIW3tXP/59Fk34M0AbHfmb143XRB
3i1ReXC+3xo=
=cGQS
-----END PGP SIGNATURE-----