A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA512



# Our security address for making a report

Contact: mailto:security-report@d-fine.com



# Where to find the security.txt

Canonical: https://www.d-fine.com/.well-known/security.txt



# Where to find our PGP-key

Encryption: https://www.d-fine.com/.well-known/pgp-key/security-report_public.asc



# What language to use to contact us

Preferred-Languages: de, en



Expires: 2027-12-01T00:00:00z



-----BEGIN PGP SIGNATURE-----



iHUEARYKAB0WIQTB4VDsoY/Y7Lh9turhPfQz/PLp8AUCZpAGNgAKCRDhPfQz/PLp

8B83AP97zvWDi7y8PtrB9MNB2BWu9cBy3WUFf3Y/X/icaonU/wEAt0cJuq0FehZn

hdQdxlue6uoq1qA38F9MecNQbzBpSwA=

=a2Fu

-----END PGP SIGNATURE-----