A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:servicedesk@oostgelre.nl
Encryption: https://oostgel.re/.well-known/pgp-key.txt
Expires: 2026-09-22T13:26:54.899Z
Canonical: https://oostgelreservice.nl/.well-known/security.txt
Preferred-Languages: nl, en
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEzNWFy97SlFPP9FFxmgljPqOGleAFAmj4254ACgkQmgljPqOG
leBwJRAAmEK5LA3SxethxMZWnSMjhtAVGuyN/OGJ7y2rwzrapWbjq7W3Gz799DL0
8Bg7WeDjyY3l++RaEEOmXc6NgImGjyAKgYKeP9eqti9VNP1QlcIU0JTMwuRdzRXK
SwN18WVbg5g4NxSsugRLwwNJt9LLM0WFABPB4APlsIbRMKRhV6Ctq49jECTTBxku
etKmodO6MI5XlsrkK367Ud21bLdLyBUazL3BewDDoqPVkN2WZ0PEnI3xF6vgPMI+
AbrDBTzVI6r3Xf7K9i/c819Tz05oQYdfZEDZkaCnrHZ/r9R/+Or1w9gCPU7NBwmJ
oW0TFAf6DjXV5yE8HzfJqWryvJmhSuacHWlO5sUQJdyvMxDh84LlOu87iPGj7M3W
H668YSRr1zaMWYyAiJlt3ASRRPUYTn+ZTjTeqrS+GT7DZ+b3cLAlWwVZqjRKe84E
IYPrEVSBwF9Ji/FlxUxIZ2MHqYcjCIX8b7Sy9EQ8fsoIuPRts9mc+7A0qYCGqUQq
DtOWnD7IYmTr1GV61x1I6HHz4sEIpXwbaK5a5y1WPeTt+9ku8jVopGZDt7ZYJOay
jM3SFkthExVCDJXysupmazy0al7/hO1g57MqqGSXUnTKainy8wgtX2xWaGbMKxKS
GlkuEgA3HEk8GY+qcqUll8nd2Lds/i6o7MGzlLSOa+QCQBPLUVk=
=RCbq
-----END PGP SIGNATURE-----