A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

# Canonical URL
Canonical: https://van-den-herik.nl/.well-known/security.txt

# Our security address
Contact: https://daxis-ict.nl/meld-kwetsbaarheid/
Contact: https://daxis-ict.nl/report-vulnerability/

# Our security policy
Policy: https://daxis-ict.nl/meld-kwetsbaarheid/#policy
Policy: https://daxis-ict.nl/report-vulnerability/#policy

# Hall of fame
Acknowledgments: https://daxis-ict.nl/hall-of-fame/

# These are the languages we speak
Preferred-Languages: nl,en

# Our OpenPGP key
Encryption: https://daxis-ict.nl/meld-kwetsbaarheid/
Encryption: https://daxis-ict.nl/report-vulnerability/
Encryption: openpgp4fpr:811100944C94E98784B291AC6C447AC1825F7655

# You shouldn't trust this file, once it has expired (like bad milk)
Expires: 2026-05-01T03:16:14Z

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEgREAlEyU6YeEspGsbER6wYJfdlUFAml+044ACgkQbER6wYJf
dlVSuw/9EdmpU57Gjbl/7qO5S8h2WxSZhOvbohiYs79TAfs2hof7kM5NAFIiPBUD
gv5XkL3JbxrJmUOdQLhPXFN7MRcD1wLLOCHUB/YS1OgEiP6DE4/lWP+n/Kl4ee3d
fF67wAkzMe/NeZrZnewyqTusSfLTH4UJrKR/9At9nrvXinbQq5Gz4iv0nuf4Njxv
/NtBRMGpHjeOVj2nqOKntAEfHGsjijZ7gUQWxE46KdZ+q6ccOOZusM4YIZXQLroz
W93+sk94uv0qFsJXCX9e8A4j/u+i0vmoKrgVvZ/sv8rRtV0s3JLuCseBuu9kJuck
FxBdLmA5VbAXglUrx27eFe6Fbje+YUNK0v1+oEYUFytdDPWTd4eq4Wq1dHP8d345
j1pmjPBMSikQdWrcuTl1rSdmFA0X9hPtCXhe1q/6CNM3buf8f2E0zOuLXhs3sh0v
6ut3JpYPlvTQmyMu6JZUqqyrCYRWeeocbYSprNWasDLCIenj1JlHDatv3xEdNRaj
rc3wbWJdr78d3C+RFP9fzovH2GMJ1So6H3BJeIaraFwCWgG9Vm4cgRw/xGO3wbhp
tIStnVYxthPqpW347x0zLyDHbHkH2Uf8fkngsER+OyK5VSCl9QskuJHIhMuf4+i+
qz8fiY7WWmQsBFneKFeoG4JmJWd2fPAPYvtYvylgkC9N9Nb02a0=
=U/0g
-----END PGP SIGNATURE-----