A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@fooster.network
Encryption: https://file.lily.flowers/lily/lily.asc
Acknowledgments: https://lily.flowers/thanks
Preferred-Languages: en
Canonical: https://lily.flowers/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwbIfFIo3TMC9SndvLiOvZosUuh8FAl8jb9EACgkQLiOvZosU
uh85ixAAhF7vfLo1eEb0DPcvnBJ0HQGyK4Dl+lvNKpDHqGkcgbiK8vKbWWz3EVnh
YlQquyLcNZOekFpPZJO381zJLdqDjJtw4XT85gNiQAPHxSgVcAItVlleftw0aemR
l6sejfM88Fo9oSg4Djfn0SvFjhObjcdQ0rJ/2HLKLEKltSUdIbgmBv7MCYIo0LFA
IuIg7nYdI/2v2QBwECInlyAXxF73bKUDcLNAblIdKPja62P163jBLjZwKkQb2lxV
s06i57FNez6xe8xtURSjGhM7tSqp9d6oxMFQxFYjDpkqHY52sIAV5tGyLyogDDOG
HGV5fEzjzXNZNz0D5P8mmMajkQ4/39Fy+PSjV1apVL4FuV7Gpyb8ZkGgsxR7RY5R
nuY//a0JMIWBKYl0q9d25d6HMFtbxNtz47DFpv6FcDXVeKfTi0ZULcTudHmTgrfx
AZZBaJXctzhLkmYGcrLe1MM+0hWvMDJHdLYONWqPKTzxYhCn/TJDg4Vh29yKU35d
Ss6CpMxnON21lmydhZiduAgl7/vWjL94e/X6bPy4KfCo7nKqkhWGmVUUfApZqPmi
MKrWloPh8TcGMk5GsbPchOCY58RVPiWkh7JYnUjb4A7fvL0lcDHVbsDhfzRd4+VU
aoGB7YxGsM5EwRzKBQvSmPgNiIuJ6MSOx1QEW4vj7LJcWR/aifk=
=1ZEQ
-----END PGP SIGNATURE-----