A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

# Security.txt voor performanceserver.nl
# Conform RFC 9116

Contact: mailto:info@performanceserver.nl
Expires: 2026-03-18T06:15:54Z
Canonical: https://performanceserver.nl/.well-known/security.txt
Canonical: https://www.performanceserver.nl/.well-known/security.txt
Policy: https://performanceserver.nl
Encryption: https://performanceserver.nl/.well-known/pgp-key.txt
Preferred-Languages: nl, en
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEb3gHNoiPfXaz/hToheGNPFlr1RUFAmh55poACgkQheGNPFlr
1RXYOggAsBCC0ibCmNcJOrdrnfi2JR5meEYNQcednS2OWUkuJ8V8aabrCRKt5WVi
xJOFGQsF2dNjDKULUXgeDxRnJpbn2/dWA2DSXNwppvNnrHEWzq6e+uT0pIwiIuzD
PzsFChu0Kmu47peLgMJsADlBeIGIUJiHL7dbVqsvCP2jvg4awkDtuHgJOIoyrUhW
+bRTTak+EJ4yqD0ML3LQgcq5yQ6VznCWkeu8Pbj2K7ROuP/N8rDkRmPYmU4ny2Ri
HyI4/9fte+ezj6pihFrTFkcoLnCvfNyVj6A2UAq5HxQdtXicTH6Qe4bB/MZxQ80q
2m/x6m+aRxFQMdkigjSk4nLNPbpVrA==
=hclt
-----END PGP SIGNATURE-----