A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@axonius.com
Expires: 2025-12-31T17:59:00.000Z
Encryption: https://keys.openpgp.org/vks/v1/by-fingerprint/F88C3C1EEFFF38141272B6BE40288F6EE365AB42
Preferred-Languages: en
Canonical: https://www.axonius.com/.well-known/security.txt
Policy: https://www.axonius.com/vdp
Hiring: https://www.axonius.com/company/careers/open-jobs
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEE+Iw8Hu//OBQScra+QCiPbuNlq0IFAmc2bdsACgkQQCiPbuNl
q0KI4xAAgBqk6wykPtw9aXTtnxdeiOut6nrQmkrL1wywrDK/U/BUrkorj1pzsZB8
bt014UrfmQeVM2HJXw3hT2ioMwLzk5/hUIgGDUgpvTaM9DoftE9lHo2K2QflYolY
ghSAYwuVnOKtLAzW795ELN2HFb+H0lekKFyO4XQiFoWzGA0evfzKy9xXLv1gk4q2
G9ERyyyot50DM1Bcm+siR8YCgGchI6fjk0EcHrfqUWsc2AQUWveu6NLLz0sha4Bh
b/v3/HqhnQ3vsrCZbgFTZrn0xYxJkYOt+Dfll2RwSAmMvJVEefCt3YwK42vcjAxj
sZ1E9YT2W7aSRDTyCAS3LtyYFd+lVwwvnAnFO8rGm6E9CZUtwU+DFl7apcpnGN5T
PYtuOgJn6aUMDMeOgTGWZEXb1FBIqVhm3IgfPegIZqicYUqj1stJxTCYQL1Gs7Oi
klHAWrO9DAXiC2Z/R92l64MwZUZGKivFWI8ClBitLIzk59F0xf5dzxQgypvaNfH6
4R9zEf0cRPSvAk5RwXR5KrnjaAedwbQemyvTd3SVwB8uG8tI7MWUljXR9QiL5F+P
gpcAxXYQIlseovQdrXt2NYNg/yAReEFpAnZKTItcmgNzSbaepmMTAP62QTWZZToK
fWoILRprLUQdYXtcxWbkPcgnsjAiUUiODEhDFPrQe7HDusqhPVg=
=z/bG
-----END PGP SIGNATURE-----