A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:soc@mcx.nl
Expires: 2025-08-05T12:15:00.000Z
Encryption: https://www.mcx.nl/uploads/pub-keys/soc_cert_mcx_nl.txt
Preferred-Languages: en, nl
Canonical: https://www.mcx.nl/.well-known/security.txt
Canonical: https://mcx.nl/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQGzBAEBCAAdFiEEDV7qui6vHxP0u/AT2xP9EHCbiYAFAmayGx8ACgkQ2xP9EHCb
iYAipwv8DFXMz8b8KKI1i8YbE+65K4a+D+5TSU6upihCKDq8XjbO+h2h1QBhiFKr
HTi0uyjY153g+z7k0dDmOuElZ4WgqqEfUBAFiK+D5LY3TJcU1sEoF+B1SndPpYYg
3RH06HUk63zp4waITX0y4lj6khRxdJlOjfQtahRkRpF35WZI+6HyjQP+9bh1T+Dv
7CJLv2BRmXo/RnSsJsG8bpDKYVRXf0/a9TA3Ut4Qqx1GExvfze1CD2UGywcp2JYw
9tpDr+qGbk2PYn5COFqVjqwmPcWlu/J39BCwIstHqgQITSkabrkG6kYQLNVEbhIu
FwUQw+O9iLcK9NiaOZdfW3ku0ZABlR2KnXAJqrhnCuMVOPHIioo1xTzq29TCD0i1
4pMGhn49blRH+Ru6LvlYkQ5RbICnrarBGxUaPKeYvZwEG5AI96x6h+CJqPm7nvkG
CS/6/dtG308iJm3+/Os7iD5ugA46CQlUmV0xzXdpX+OSl+PkQuxOiz4FYPCV46x+
VxO16IhK
=YGZc
-----END PGP SIGNATURE-----