A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:security@mkool.com
Expires: 2026-01-31T22:00:00.000Z
Preferred-Languages: nl,en
Canonical: https://www.mkool.com/.well-known/security.txt
Canonical: https://mkool.com/.well-known/security.txt
encryption: https://www.mkool.com/.well-known/pgp.txt
-----BEGIN PGP SIGNATURE-----

iQJHBAEBCgAxFiEE90UW9ZzNXoQkGI+fw/ibBdTbgqsFAmgmOPwTHHNlY3VyaXR5
QG1rb29sLmNvbQAKCRDD+JsF1NuCq/OBD/9sLwJVrZtjZaR2J4vHPNy+5LpgXXKz
HDbunxcfGcW3q0GVlg1ktKJysCIaqVSckAUart8fVVdP5HAIHJbRSynPPFihcEdP
Mzd3c2mXsWDj7MyEq2J0RkRjmvXKND2q+pYKauBxw9pjj5tRY9zxFToMPbFfSH0d
9OAQ4e7fWLqkGruRAlqsG+f2FY/R0yHUp5NJyMEBJBp0escis3+Z+R7oqznP9nqc
rVMWrrNCsjGYVxrwhp+gXekcsQKxxikwnDVU5r0A/JX1oZUOmWCiaj+GO5bKzYDb
S7Froy28DqxRVIWPlQ+hALztDkPmsUlCXwWf86IiKoQN8S5Rz3D4HQ/9vKQZOWpH
GJq3kHagZw1YWiVTgadyK+qAAGLyDQ78aoozQjVX77sEp05lcPEVyUPYr3RAdfnv
MrFcAG6PeDXGiSm0eanAbBMeGfy+kqeACDq7o7pQ2WcqywVXn9BEq90yLGE1Ivj1
ziUu0t+kBSVUNPPG89ixM5PpINR42E8pH3ckqkpXZrTnrDsKKpHYXkUgVx25kysN
U6L6Kuv7ZiAXmK2Vuswdrm7l0+gNNAhJ8cnWEBJJg49HWaFRcT24avKNV3RbY3xG
IidzLValcDO5fsJEewiRkFM2i9EAwKvPwMLsMOj18wg/cJMYMs7LyazcdYaoPVqm
VB3DPSi/RcOwpw==
=kpmq
-----END PGP SIGNATURE-----