A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Canonical: https://issaeus.nl/.well-known/security.txt
Contact: mailto:security@isaeus.nl
Preferred-Languages: en,nl
Encryption: https://isaeus.nl/pgp-key.txt
Expires: 2026-08-07T06:48:56Z

-----BEGIN PGP SIGNATURE-----

iQGzBAEBCgAdFiEEJKZYhMDk9HcLcYvO3hipuwbh0DEFAmiUTFgACgkQ3hipuwbh
0DE+VAv+ORmfVfQsAmmFtxNLJmSAA23cKjzY1AhXeTeaxrjKkEHOlH4wLK0gKCYO
06HSY0g49gOT5cFPsQ7gKgA/M15Luncg1ZhIPCp24ZbBpRRvynCcYltUFlcQc1Vc
uqsGaPuYI/bwQyMb7aw3IotoXh1EvHcC3kXVUeAulTMyb0D/H5Pkm6MoUCOyNRfZ
0d54fUs/Zf/3nYln94oR1G80RfCZfYiJEH/f562ZhZgLqTAh0VwmtiAslmueHNeQ
/iQfNGjTzxcIi+Sltrjebvp+HdZnZK2mHAzpeUIZuGQx1UWsz9oz1Oz2Gf6eXHoX
va/W50h6t4fti1cSmggcXXcmjSPMtJHb3PthzWKWnlePAZROiSMIXJq0AFVy0DuS
0EbWfmm0JaDAOp6iatT7Z2K74h1GOjvRL2U/7VPWjsXTyh5uaauErWnsjn7MVmMg
+ebuLD7P1OVb0mN6A++RUW06yKe2RLV1Zd3nmoxdQs7zZTot2NmA9rW4871KW0xm
SAz/s6W9
=akxm
-----END PGP SIGNATURE-----