A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Canonical: https://igs.nl/.well-known/security.txt
Contact: mailto:security@isaeus.nl
Preferred-Languages: en,nl
Encryption: https://isaeus.nl/pgp-key.txt
Expires: 2026-05-03T03:41:12Z

-----BEGIN PGP SIGNATURE-----

iQGzBAEBCgAdFiEEJKZYhMDk9HcLcYvO3hipuwbh0DEFAmgVkFgACgkQ3hipuwbh
0DFI4Qv+Icc10oZ1BWTYkpY8E8mhhLfAixE35yRKAepbzH2cTPEU6mjrzzxDVTMF
cwMpD+3vRILToaYrUL/6geHdoFaiA3zw4ykdjkS8rbyvx8VYCGWLSLnaD2TR41Y/
N5r6jRXVpA9S73RZOVxWEew8OUq3Z12O7IkJZbJUGcNoVXpVTD2FFuUOXTs51bJB
+m74stMN/bMwgIpsxCd78Ib3s+6TA3DJWKWmRvt+L31WTFLj8PzeP/16dNos1any
gzXuB7jz2LvTfPti8Por58vkqICWF2IzJxe1Ipr6tWSfPCeDIWtgiTIeUFmPGnKm
yZLZhDxKLKLjZvuikbE/K7Aq6nlLl7afPIYS9tctTi/ZdZDE5FW//sg15eXQrInZ
pHvHTABjuK627y9P+VvlqCV/z81e3iPso6T/CdEQPdXHXbYG10hskVvvGkaJWlMd
QNHrqujpEt60+mSpLpuN492FIl4iFaS2oDAOe4i8MbfxgCX1v2LHdMM0QnPxX+Ue
KpwYi6zI
=w5Ma
-----END PGP SIGNATURE-----