A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

# Security.txt voor hsv-de-bears.nl
# Conform RFC 9116

Contact: mailto:info@hsv-de-bears.nl
Expires: 2026-03-18T06:16:15Z
Canonical: https://hsv-de-bears.nl/.well-known/security.txt
Canonical: https://www.hsv-de-bears.nl/.well-known/security.txt
Policy: https://hsv-de-bears.nl
Encryption: https://hsv-de-bears.nl/.well-known/pgp-key.txt
Preferred-Languages: nl, en
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEElgWmYW+jB1PktAbZUxLzR8IzkiwFAmh55q8ACgkQUxLzR8Iz
kiymYAf8Ds8J8Vkfw18h86xi6OhaTrn3xd1O9AiNVBDpBe+o7/nrbP132TCMp5eB
dskJ1mitrYCz0Aoh2y6Ld7sb8yTyGzV2C1pYaPOq7sbJE/Wb0y9OISqzmta4/RFM
5aZQSevUCgh1AdW0ja0/eisxaTDnYERz/m5GDCcxkq+1Iu45y4wBOluWWBhFdZf3
cdyKKuMeCJqWyEpccLd5BmRcx+T2rqehIqECNjkeDumG1nd7/UX70l4NdkD0hjGm
4xdWktDejNTLKzFCFpLRXKIVeZ1tsLNxoho+nsHQRTp7vac76kxEZ8H9GgockkmA
7CwdJT/1fsndktMvsy8Dxd3SBVYiGw==
=O/Q3
-----END PGP SIGNATURE-----