A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: https://speakbox-staging.ca/security/response
Expires: 2023-01-31T08:00:00.000Z
Encryption: https://speakbox-staging.ca/.well-known/pgp-key.txt
Preferred-Languages: en, fr
Canonical: https://speakbox-staging.ca/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

wsFcBAEBCAAQBQJhNdvrCRBu3UsL+5MCtgAAf5oQABrwAOn431WBgi8Qz5QfpQ0g
hjluw+3eCeX4r2paNpcOcaTn5M3e1gYqtJ3ATDEvrYaaAX/7SQpzGscLX8EIspLG
7pEYiIxZ5fdsUPa47jHX86ZXbZI7wnBy3qNxOAvOtI+GG3IcPh9d0UV1myrvD+Ss
uQRqHGowLTT8aEg64m2JywZZzGmvtTaERaxZyICSnlPYI5B0dNyMVWBObQsQY3dX
rPwvjkkpKJCJBT9KGNRNOFNLthiocBBB7IFiymxblbt6H1ddN3mlImzK7OMW2M8H
PP8EOwnCz8FcPyrhRCRW2ovqS5qvTHYSx1+zD0SSgId/yXZO6VCpH8NNE3tiFoDW
Sost+w1UeDm0B2jhP1FYhAFHLHl2MFDtLg/XVEJ+/eWuW0DjKcLcsgGY/ENdzKy1
WVeXoFZMy2ihjA3T2w+dhqNV7lZ+93KeYXAYBa9VjnMAWOIHjZQV1No43mAKazop
eK5xjOVH3X25Gq7Kl4MpHk3+UUEB75U6zyWOj4pTZXvv6We271+yy4MszTcMsoS7
LhLeUkmyKrwLJI958mhzKsQFTm+ygURoWEtzdqMrPtjxzHTZ/QjhQGUdm4n5kJar
c7phoG/p5lKBmX3m+6yV5/1GMErYcw11llbfrwAQkm9qW/LSkimPqyxnxq7qb3yT
XoIIgX60ulm+vKfBTy0W
=cMas
-----END PGP SIGNATURE-----