A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

# Security.txt voor 123-hosting-server.com
# Conform RFC 9116

Contact: mailto:info@123-hosting-server.com
Expires: 2026-03-18T06:16:27Z
Canonical: https://123-hosting-server.com/.well-known/security.txt
Canonical: https://www.123-hosting-server.com/.well-known/security.txt
Policy: https://123-hosting-server.com
Encryption: https://123-hosting-server.com/.well-known/pgp-key.txt
Preferred-Languages: nl, en
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEMx2yAbYi+f4VecwnzlgZL2i+JLAFAmh55rsACgkQzlgZL2i+
JLCQZQf+P0H3TMCt7Vwccb9Gzu+1Q4iqH6ZksWw1lz6t96ToPEyvOKbP6O3eAoIR
kv4+pCy/c5sNQIhmzurq2Tqn3L2bS5yTEZLpLDsuj9c8Wl5dlEIjXzZa4CnX8yRL
/x6vUTOc9NfeOAll6XboGpdFfn+R5IVI8OlpuatoLIX2DOUmruSLBfkI4guUe4RZ
WxRYG8yTXGK5IAtEAg5tn05yaW8G5BnRUbOKTyI8gxPAW/8tYcsO+GU6j4zq538q
LTadbl4dRo2SPX1xoq0avFTLUBRQS2zbJMoxERdjSRt8UE93RtCuSK0C7cWk/wlC
W3wGC3XLAt34pEsk3hPC5jZfdB+9ug==
=fXDm
-----END PGP SIGNATURE-----