A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256



Contact: mailto:CERT@odido.nl



Policy: https://assets.odido.nl/x/70e0c93ba2/responsible_disclosure.pdf



Preferred-Languages: en, nl



Encryption: https://pgp.surfnet.nl/pks/lookup?op=vindex&fingerprint=on&search=0x41009ba3c98228ff80cc405123647351a3233b2c



Canonical: https://www.odido.nl/.well-known/security.txt



Expires: 2025-09-08T08:00:00.000Z

-----BEGIN PGP SIGNATURE-----



iQIzBAEBCAAdFiEEQQCbo8mCKP+AzEBRI2RzUaMjOywFAmb6g1gACgkQI2RzUaMj

Oyw61RAAmqjndqhJE/tsEg5dfxmqovjsB1Ud/ex0gXstZpVl14rMPdI3ibwV3e/+

xEAWXDxfZq74rdwyxlSkZJm4P4gVVYWujSxhcUI7fGWv/N2bN1pf6bOaJ0wdvoYY

93zP8NsGTh/BlyedhK/oMk6IR5psfBG9fSkC79+TWIFPyoCBEKGrIT5QHwsvR55N

BfgN/S7o2861cGSvuanxNC4IpqXTOBlbHAWdxZzeENVEwMM+ZDcFKwEXPFE7DWjL

jAhhEBfyTPWF2aVOW46HZClEigem/ZffAtYqLNkNVkYwxjtqInScaKTmdU/Ae5ic

7nTuYLX5kjRF1dbm20FiLzJzyqjrVAfAz3YN4ac4eVaTT/QoLIVg1x9KnGxWnj58

UCXMqq/YiP/GIcqUDZ4D4qTcQti1ud6QBw0xpHy6w70mCM2QfMgCLYoxuCbh4dPX

zlyHJ/PIL6hg0vGHKtw77tggJyUVPlilt0Q5hQKkwA3wDdsPXE/Bzb8d6gmwNBbr

AlrXhhgsBbY8TfRsnuw2jFsut+qLjRqe9OqlXiBsDNVMZbnAKllx5yLHrCfxGRTk

qj/Z8PXxCo3C33A+9GLWJzpF+5+U+OI2VR5tO4kyJwuQ5QXIIWQRG/mSNQnoB7Ne

MSX5lAQeDXBdE2EmIrAD7evNjl2dHAf6ZF/1B8dj+htD3e6maWc=

=aetV

-----END PGP SIGNATURE-----