A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 # For Coordinated Vulnerability Disclosure please contact the mailbox below. Contact: mailto:it-security@symrise.com Expires: 2025-01-31T23:00:00.000Z Preferred-Languages: de, en # Canonical URLs Canonical: https://www.symrise.com/.well-known/security.txt Canonical: https://www.diana-food.com/.well-known/security.txt Canonical: https://www.symotion.com/.well-known/security.txt Canonical: https://www.tesium.com/.well-known/security.txt Canonical: https://giraffefoods.com/.well-known/security.txt # Encryption Public OpenPGP Key Encryption: https://www.symrise.com/.well-known/public.pgp Hiring: https://www.symrise.com/your-career # Scope and Guidelines: # Vulnerabilities found on our Domains *.symrise.com, *.diana-food.com, *.symotion.com, *.tesium.com, *.giraffefoods.com # Do not use the following methods: Brute force,Denial of service (DDoS),Injecting Malware, Social engineering (e.g. phishing etc.), Corrupting Data, Any method that would disrupt our services. # Provide us with a reasonable amount of time to resolve vulnerabilities prior to any disclosure to the public or a third-party. # Within the framework of the legal system, we will consider activities conducted consistent with this policy to constitute "authorized" conduct and will not pursue civil action or initiate a complaint to law enforcement. # Currently it is not possible to provide any payment or any kind of bounty for any found flaw in our systems. -----BEGIN PGP SIGNATURE----- iQGzBAABCAAdFiEEe++NPeUdKvIQgmk1nAU2Y7L7BSAFAmW4qT0ACgkQnAU2Y7L7 BSBOZAwAyq8dvc/jq43ziL+GmZ7YvjJBcQHKLzQKz2WoicAXUc6Gqeorc6Hk8xpb ffsexxfgDMZGzxkzYjSEGF4SuHsmo5V9R8qxxeVLqpp82Keqd/7HQt20RIpt/Djd /b7gwp5N8C7npc0E0p0hSlpey3jMonUtDq9r1+W1fnMO+vO+HiFF5Iy6oQQoPNU1 X3B/SSXeShLGX3SWCvoljSGiCHlSjypxwDszekRfsXviXYOsCr6XeqBBdVk0DZsz 6EsHTU3LeNjqWfSKY02Qmhi937fJaArZe/7rVPJ0qp0DvIELiGV/WJ+P0QTPgjga fh/6LH4K67fXx0n55aK7ccOu9rOgPrhRLAlGl/cXBeiWq95h116GeSMnbGsgUaIB VuU85+bcCkDDCH7Jd27sadeAmN27qE899QkBM9AEy/1jBbRXWNiW1Gxd1Gda0NoP hqwBqYuSYYoePgNPo+BkrRNrkTPWe0P3FVO+jdHvh3xZx4EGzZMVz8kXudQChbK/ 4K1gEI8o =JDJ2 -----END PGP SIGNATURE-----
This policy crawled by Onyphe on the 2024-04-01 is sorted as securitytxt.
FireBounty © 2015-2024