A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

#
# De IBD is de sectorale CERT / CSIRT voor alle Nederlandse gemeenten
# The IBD is the sectoral CERT / CSIRT for all Dutch municipalities

Contact: mailto:privacy@hilversum.nl
Contact: mailto:incident@IBDgemeenten.nl
Expires: 2026-06-01T22:00:00.000Z
Encryption: https://www.informatiebeveiligingsdienst.nl/product/ibd-asc/
Acknowledgments: https://www.informatiebeveiligingsdienst.nl/responsible-disclosure/2023-coordinated-vulnerability-disclosure-hall-of-fame/
Preferred-Languages: nl, en
Canonical: https://hilversum.nl/.well-known/security.txt
Canonical: https://www.hilversum.nl/.well-known/security.txt
Policy: https://www.informatiebeveiligingsdienst.nl/responsible-disclosure/
Policy: https://www.informatiebeveiligingsdienst.nl/responsible-disclosure-english/