A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@jcoscia.com
Expires: 2025-01-15T00:00:00.000Z
Preferred-Languages: en
Canonical: https://jcoscia.com/.well-known/security.txt
Canonical: https://jcoscia.com/security.txt
Encryption: https://jcoscia.com/pgp-key.txt
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEE3kfb/3iM1Vn4Pn+MJr+q60pMy0cFAmW7a9kACgkQJr+q60pM
y0cG3Q//awhEJzTDtLGy4CTx6TohTgtNtAx/iU3a8LuGSlSR4+oMUPOdd25iJanH
vHSjb3S/+GxjoS6hrQ+c+qZe7k/vYi3qrv4/hjHpdyU6kVCDsCOj4mzTL+sL5xg5
fr/ecFAj5GKFvIzvzHgvlzR2fQjmgFKChfUfEwT/iHvzs/+/W8mQ7wDxGqy30/h/
2IH8NrbGskHc0KYH5Pyk5hYKcuOX88Y+/2Qe3nKAkpAnGvURMt/cb/ygu/hpnyTy
aJ/XB/ipkOhBHlH8gsbcI+y+Wj1GpzhIAw5TTqeuYDQe3cet1AAeN3NBHMJ5bed1
OjlxWssddDZZCpFIhBic0mMZnMURipoC3Ff1AU5tTb5uZwc57FH+nySPi1i8cw00
99zwYbbwgNqENS87+HdCcxuxr3YwsgxpyMB9u8/UYv88X8kjIgVgpRAhA+2+tFi4
ZtQi0DByjE6XRes7QUi1tPf3I0QL3yEJCprzfnLGs+vqvTQblzI2oTyEnLnZ2fPV
Uj49UHcICeYNG/23nWTqS4/kaoc6uSAuWVzB36HAZRTlsgQvrRdTvnF0G+aKrOqd
Cmh5zMjXOZdlM4f48ad9+20Fp4FMz5N4BW+CIUNuW3rMUaWtTdTome04sD1J/71a
/ny4gbbtPOoKJDJmIz6HTwBCc3AjCAzcEb28fZMOXCY7HyJ6nxo=
=G7KB
-----END PGP SIGNATURE-----