A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:jens@plyp.com
Expires: 2025-01-09T23:00:00.000Z
Encryption: https://keys.openpgp.org/vks/v1/by-fingerprint/3CA2C229EC7A8AB0EE98D431AD96F6F572A6D22A
Preferred-Languages: en, de
Canonical: https://www.plyp.com/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEci4R3bPsmS6uSKPIwbdNWZil9lcFAmWP+j8ACgkQwbdNWZil
9ldxYxAAqOM4sH7bGAaX2I+QCctDOfgXzvD2A8gi8f01S0okYMLqW67baQ7gvsk6
ZGwxhiGgVkSxbd8jINI0PK6RewB+RsPTIwbmcqi8KKz29P9clYkiV2cZTenHZmT7
PUuKAUHYBs9809IFHUEIPKcx3HaJqLQdAOim6ckSw7RjJRPBuhgG/MVbQKzOU4qu
eFZMjiEMp7w0z793SkWUMV1U2558VjFGUxvUU8300iTeJZqA1LDN/eo2HSCa00jw
Ek4uotttWqVFuPCmHqNFWNQsDXA+t8yTc9Y5sLlgQGP+GyZCWrYgnMKzsEtJar7i
BTfnEnebs1REqafVEUCZkckhrTTrskW5q08KphZ5/vyVTV03MRYzEerAy/9mFYaQ
Ww+5ddWowMvb/U80aX9pEd0OHVQaXZeu349N/oEa9bggcHxna/7txW2rDamoI5tI
dWr0QPHUEw7TuX7SWMsWtnJYEOKPcBEfvMlL1GhuQJiW8nTmTu3KS2PYirbgMqMi
zibC9PH0GgI6mSa+rwqDmq0ijO0NChlQdqXDnH8OVwuDBAQB7vTH0r63ZSLb30tN
R1ZZRDgRNhTqjHLip/wSI0E+dnxMYpMXRFM/mFBP+ZmJfZX04v1zPlrUg8xx9Lb1
8fezE//XYbxWroiUEwhLvJd3FWeqgny8ymsI20shll9AGcxxMs4=
=oZxz
-----END PGP SIGNATURE-----