A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
# For security issues related to Amazon Web Services (AWS), please see our security policy Policy: https://aws.amazon.com/security/vulnerability-reporting/ # To contact AWS regarding a vulnerability Contact: mailto:aws-security@amazon.com Preferred-Languages: en # We support PGP encryption Encryption: https://aws.amazon.com/security/aws-pgp-public-key/ # This file expires every 365 days Expires: 2024-08-171T12:00:00z # We're hiring - join Amazon Security! Hiring: https://www.amazon.jobs/en/business_categories/amazon-security
This policy crawled by Onyphe on the 2024-04-01 is sorted as securitytxt.
FireBounty © 2015-2024