A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:sec@remus32.cz
Encryption: https://remus32.cz/key.asc
Preferred-Languages: cs, en
Canonical: https://remus32.cz/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEMBVE2P6iIPO7BY7R+yiqZQ21qhEFAl4LpccACgkQ+yiqZQ21
qhFzMA//YFlhpEzULa6yM2VV1VbBZzKyK0dHwiHOjLIFgWlZSL7Se3oXlsgDK95Q
Y2PSBnk5THpwikBGSGnu73IxXutgfWh0iRIqZqKWOtTCiJORwZxJmbcg3TyHHPLP
aeQaZerrvAoOvJoRo5n9D7nqgPiZ5JQ4EFdDqwctePwhW7ncUNjbPtjssmprfQxH
RoaXcVW7B53ABvt2AC8NtMvKCe+QmkJfguPKXiJP8JtlI73sHn4bsyvod3CHhGyv
zqM94xHlqFPkqg2njLDAU1UVfXpYZU8bnYtpEBS7yXhsGlyRtFH74sk/nZWSmV9q
p8hm5erv5Rj7iTwvM3sisx6BSeUCNuDUZx/7UuR93N8m283tvpugtxqCCuK4MPh3
xz8laSEauJXuyDdxk+61AMqGiYXNnWrNZRIqVy5mAF9VTkv840V7H6mX+WX7QO6C
Oq1ch7i+IQp2NSJ5HbsTzI8SNP13kOWmu0VbSVN8UWbgqjSlFfQzEBB5aM5igW1c
SNAYw5NORrjLjRSbjr0f7b+Y6D7Oo7CDnlEM+S6Nm+JGhpyiWQxRgt2QdfbifdWa
XjFiD9xWWLfRLEJnIUIy9g9+JDt1eeVTWPhE3Zcn2VVfHAiJrc5P9vICVkh3lI75
iQMuCsuYOYcaajM5gdMjUQt/3CmeGqHwVznimlZ0BldGY4cK0u8=
=KhQk
-----END PGP SIGNATURE-----