A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----


Hash: SHA256





Contact: mailto:CERT@odido.nl





Policy: https://assets.odido.nl/x/70e0c93ba2/responsible_disclosure.pdf





Preferred-Languages: en, nl





Encryption: https://pgp.surfnet.nl/pks/lookup?op=vindex&fingerprint=on&search=0x41009ba3c98228ff80cc405123647351a3233b2c





Canonical: https://www.odido.nl/.well-known/security.txt





Expires: 2025-09-08T08:00:00.000Z


-----BEGIN PGP SIGNATURE-----





iQIzBAEBCAAdFiEEQQCbo8mCKP+AzEBRI2RzUaMjOywFAmb6g1gACgkQI2RzUaMj


Oyw61RAAmqjndqhJE/tsEg5dfxmqovjsB1Ud/ex0gXstZpVl14rMPdI3ibwV3e/+


xEAWXDxfZq74rdwyxlSkZJm4P4gVVYWujSxhcUI7fGWv/N2bN1pf6bOaJ0wdvoYY


93zP8NsGTh/BlyedhK/oMk6IR5psfBG9fSkC79+TWIFPyoCBEKGrIT5QHwsvR55N


BfgN/S7o2861cGSvuanxNC4IpqXTOBlbHAWdxZzeENVEwMM+ZDcFKwEXPFE7DWjL


jAhhEBfyTPWF2aVOW46HZClEigem/ZffAtYqLNkNVkYwxjtqInScaKTmdU/Ae5ic


7nTuYLX5kjRF1dbm20FiLzJzyqjrVAfAz3YN4ac4eVaTT/QoLIVg1x9KnGxWnj58


UCXMqq/YiP/GIcqUDZ4D4qTcQti1ud6QBw0xpHy6w70mCM2QfMgCLYoxuCbh4dPX


zlyHJ/PIL6hg0vGHKtw77tggJyUVPlilt0Q5hQKkwA3wDdsPXE/Bzb8d6gmwNBbr


AlrXhhgsBbY8TfRsnuw2jFsut+qLjRqe9OqlXiBsDNVMZbnAKllx5yLHrCfxGRTk


qj/Z8PXxCo3C33A+9GLWJzpF+5+U+OI2VR5tO4kyJwuQ5QXIIWQRG/mSNQnoB7Ne


MSX5lAQeDXBdE2EmIrAD7evNjl2dHAf6ZF/1B8dj+htD3e6maWc=


=aetV


-----END PGP SIGNATURE-----