A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256



#  _     _    _ __  __  _____

# | |   | |  | |  \/  |/ ____|

# | |   | |  | | \  / | |

# | |   | |  | | |\/| | |

# | |___| |__| | |  | | |____

# |______\____/|_|__|_|\_____|

#  / ____|  ____|  __ \__   __|

# | |    | |__  | |__) | | |

# | |    |  __| |  _  /  | |

# | |____| |____| | \ \  | |

#  \_____|______|_|  \_\ |_|



# Please validate if you have the right security.txt file before using the information below.

# Most of our other websites will redirect to this central file, but some may have a similar file locally on the webserver.

# They should  all have the same content.

Canonical: https://www.lumc.nl/.well-known/security.txt



# You shouldn't trust this file, once it has expired.

# We are sometimes a bit forgetful, but we do have an annual re-occuring task to keep this file up-to-date.

Expires: 2025-05-31T21:59:00.000Z



# If you would like to report a security issue please first read our responsible disclosure policy:

Policy: https://www.lumc.nl/coordinated-vulnerability-disclosure-cvd/



# Please always try to contact us through e-mail.

Contact: mailto:cert@lumc.nl



# You can find the cert@lumc.nl PGP key on our website.

Encryption: https://www.lumc.nl/.well-known/pgp-public-key.txt



# We can offer you a proper response in the following languages:

Preferred-Languages: nl, en



# If you think you'd like to join our team, please visit our job vacancy page:

Hiring: https://www.lumc.nl/over-het-lumc/werken-bij/vacatures/

-----BEGIN PGP SIGNATURE-----



iHUEARMIAB0WIQQjbpRL8N1mqSEtY5i2VRm1BK92egUCZnV8aQAKCRC2VRm1BK92

elNXAQD80N4RGH5FybW+dB9STesSyg/4TnYlzPMBJ9n3tGYRWAD+I3tU3bFSHrOl

KG3ynFM795sRn4cpFwGZNCEMwrP2fnc=

=ZWWv

-----END PGP SIGNATURE-----