A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Contact: mailto:infosec@cfsbrands.com Encryption: https://keybase.io/cfsbrands/pgp_keys.asc Preferred-Languages: en Canonical: https://www.cfsbrands.com/security.txt Hiring: https://recruiting.adp.com/srccar/public/RTI.home?c=2171907&d=ExternalCareerSite-CFS -----BEGIN PGP SIGNATURE----- Version: Keybase OpenPGP v2.1.3 Comment: https://keybase.io/crypto wsBcBAABCgAGBQJeMbUIAAoJEKdNor90IB6dR9sH/07t4pOyJetfNXp4kLcpPD4N qxq5n7e47K1K7F6a6oixFVwsl36/HLqyVsgWZs9uHM2aYzBuqfWuhfwctii/CsD7 bVXJCjnrz9VoukU/8FMHvrLa+xeHT22OIT/w9hOxY8Z5ZOtJSvFLKQl+xxT3msbB xjMVNAj63vuhSh1xLF6gZxcx6fdvI0kfZGdfh9g3mUKK5g4I21kYfxe0mM7pu0NQ FM9NZ5FUJ1M5hoJ3gTro8RQZk5BbmpGnhtAAK/PNCOxRTXEKNdGxZaxx4prf5d70 ImxvwjfwAmPb63DeW1Dn0FKXWMJXeOeV4fjOMPBInp7cgllTkA/8io312nt7fU8= =2E2k -----END PGP SIGNATURE-----
This policy crawled by Onyphe on the 2020-09-04 is sorted as securitytxt.
FireBounty © 2015-2024