A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

#
# Snappet B.V. RFC 9116 security.txt
#
Expires: 2026-03-01T11:00:00.000Z
Canonical: https://app.snappet.org/.well-known/security.txt

# If you would like to report a security issue please first read our
# responsible disclosure (RD) / coordinated vulnerability disclosure(CVD) policy:
Policy: https://snappet.org/incl/Reporting-security-issues.pdf

# Please always try to contact us through our online form to speed up things.
Contact: mailto:cvd@snappet.org

# If you want to send an encrypted message with PGP, you can use the following public PGP key.
Encryption: https://snappet.org/.well-known/pgp.txt

# We can offer a proper response in the following languages:
Preferred-Languages: nl, en

# If you think you'd like to join our team, please visit our job vacancy page:
Hiring: https://snappet.recruitee.com/
-----BEGIN PGP SIGNATURE-----

iQGzBAEBCgAdFiEEu777u1jT2/hZRXFew16/4QhfB+oFAmfFgrAACgkQw16/4Qhf
B+qKcAv/XR+zLjAAJBDoDpJM8EaHP6xZSKZZ9hvgRJJNKtzusWLDl4i/8tb0r7Uz
J9bWVxsGiNTiCTlbk5MaNatCrmur6Ze4M6JFtwglh+EsAi/oJ995PMb8VtqrRLSM
hdNEZl0nmY0dyd3Eh5YOzWA94LySZHicp4zu49bbRnfa6aosM62WpcQ+oPTZ4uhm
z25M/HsydhfSsqrq/x8wvMloLcVRpW8iBbaITT4bK0eXG5G3Mb265JucJ6A8PJU5
/SsUuGGJdhCaABkbXgz1s9SW2VNNTo1zYXePvKhEByj1/6yNoCf4RjHnbYtBUpGw
IMOBw0vJzoiMcCiqSFXbpvCd714pr4oc3tVSp7x5ZISIU8MJ5EzyR79bI42Y6N94
TERds+AiVN+zO9br3uW7lOVQ4hD+WLGCnx4en0MaIEXa67iIrKMsmFXo2NLeQ1oi
CQgLncHzNT6tvRK2OT+4tKk2NDaozQoh5fo0BbxwTd9XY5nFkNr7k8vPYSFeizk2
Gi7pe+Ag
=DAtb
-----END PGP SIGNATURE-----