A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

# Canonical URL
Canonical: https://proseal-afdichtingen.nl/.well-known/security.txt

# Our security address
Contact: mailto:support@your-webhost.nl

# Our security policy
Policy: https://www.your-webhost.nl/beveiligingslek-melden.html

# These are the languages we speak
Preferred-Languages: en,nl

# Our OpenPGP key
Encryption: https://proseal-afdichtingen.nl/stxt-encryption.txt

# You shouldn't trust this file, once it has expired (like bad milk)
Expires: 2026-08-01T03:54:00Z

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQEcBAEBAgAGBQJojDpYAAoJEK+cbOexOUnYX8IH/23RHus6aroDxDKMpEI+PDog
QCwD7cpji2gQK9hUjJU7d/8JFpd4FL5EY2l3sPjodtyQFqs1XXiLtFOlKT00hcpN
9mQCW+i4SWGPchxIG6p9wCjhl961+EBUZXgshICxdENenr4zEcHAXr7WcIWcYK3d
d1NjT83m1i8FoOBGAY0QVh/IrCwOAIxJYYhwN9kaedrlenNeHb09W56z7E/B7DZZ
KKk5fcXpSG/QNZ3XmQ2XxxcGCfwu0DgsCxrzQ1SIBD1Z63JixJ9+baQU3a3BiLXu
ZV2d0O+7zDm4m5Jfvxeq9Cgy4J02reTAqOSmS8q0JKhp+DbIMAL/I8FFfKWIa6Q=
=AJfz
-----END PGP SIGNATURE-----