A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:info@jannesmannes.nl
Expires: 2025-10-14T09:44:18+00:00
Encryption: https://jannesmannes.nl/pgp-key.txt
Preferred-Languages: en, nl
Canonical: https://www.blueorchard.nl/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEENOVgJxu5xp6kDGG1AQXjPNd3AWcFAmcM5/MACgkQAQXjPNd3
AWcKyw//TS97mnn4bzWz3oXRv8X9AC28dIxHOy5utt79+umhtWhK9UN6j2PiaAv4
LJiq3usPocQAaP/1VJMEwdCiAxznyL67Uu40YtpIvGr2/mq7fmgjnt9v5ZSi1Ym5
Iyk15Hd8Y5Ptt7iYXY7rt0jmZyIgSnXSP8XUj6LrmuG2EA5TiT9kL5UNXUNlt6mA
UH7151Ci70nDoRD9a9L7ObbCSUA3yUf3JWGuUwLkt3KYm+e7xzhDAzZyES89BdHI
2wYAzf3KlXPqf9wJhUKGA6skboM4rv9p3EMjY17U8+FyEQBYBwYL/grOZXUtG7BS
2+akvEcSAGkrwJpEcwi/rCr0lVshn7Ezd6CfWeDBYs8+ePtywUlmkqYp+6kvibPI
4SJBx1Ffaf2iHZK8kJnZ6c+cdNJKcccE+WkhUMoYU0PxF8IbXh5n8+AKqaVL8SS8
1hHt7VM/xnEYfD2hRk3wA6iFIc+wj5kkD5eAeFDLNpD2huGy9iHAc931YSBmgB+J
SNpdMCLLAMPvmqa8RfR1tPJCNliDcb7+Kuc+U7iO+xyVv3QnWaL3jYqncaUfC6eC
oKdAF8SRTzqb7LqiU49TEVDRNMCdKwzbL58ud01F0cJz22rDyTmytzaPoeDGka6X
sWQSwPn2EoKB8A8ziQG93fNEP4cKtfNN2JbY9fjMPG+9QUQBHnw=
=30V0
-----END PGP SIGNATURE-----