A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security-external@webmethod.nl
Expires: 2023-12-12T22:59:00.000Z
Encryption: https://keys.openpgp.org/vks/v1/by-fingerprint/3372CE9BE583FA231A0C5E91AB290D3DC2D0D05E
Acknowledgments: https://github.com/webmethod/coordinated-vulnerability-disclosure/tree/main/hall-of-fame
Preferred-Languages: nl, en
Canonical: https://www.webmethod.nl/.well-known/security.txt
Policy: https://github.com/webmethod/coordinated-vulnerability-disclosure
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEM3LOm+WD+iMaDF6RqykNPcLQ0F4FAmOXnyUACgkQqykNPcLQ
0F7cqQ/9HAjPvFQeJTDUDihfEkDbgFW2/Rg3H1kPzEl7UVpJks9lLa9B1U7uX0Ul
/dusdSbL3wsJhNL2cBi7xe3B8liqADjswBWWWYQurvxdYRtko/8XBSdP7L+LwdCT
6csnY8sVAmaKXhD67TQflXmRs0Qqvx7DTry8GbLOiWR6gsz3Z5qk7gGLWkYKGRpG
EG/Wy1bUv4CVEn1qy39nrOyqpE3oUaZjZdwU7zWW4axK3nEeZaUICMk8RiftLCEC
WPjMxY/h9pnuSj+m2t36uANSyXaQZIgmCykssLwu+Ed+//wZtf6Z6rx7eOy7pPD8
9QLSMRec2xTrmYnhVN5XwwXjM9ZwVd94vXMj42KXkiPKC5VzxwaVE6xpmX7koawU
YPgFyy4EUE1Ntpucuu6eAr/8SeYIRZVcd1g3bIi8OGnqf/6iDO2KHFDpKxcXHFWi
paM7ulLxegzX8CIT7Tjo4i6o7ninIrh9RZv0AjFXTpPzAGdusoGkxv0F6W1YPBqF
qkAd3/fh+9/OAfCIZEW6BpfgtZwOKzE7sV+jJbqheYOnb6dXESvxTjYgvTHSZ7lH
u03EZJ8trfhIJAKnQq5ZU8/m4xLRzvyv6payBeQxe9Xgaipmoej61r86vEEoSuhX
6bQ7IQCK1Vh3/ONQirwwadUAatEP3niTc4bbOM8+OWhRwrPsXu8=
=f6bU
-----END PGP SIGNATURE-----