A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:responsible-disclosure@mollie.com
Contact: mailto:security@mollie.com
Contact: https://hackerone.com/mollie
Preferred-Languages: en
Policy: https://www.mollie.com/en/responsible-disclosure
Encryption: https://www.mollie.com/security.aexpk
Acknowledgments: https://hackerone.com/mollie/thanks
Canonical: https://www.mollie.com/.well-known/security.txt
Canonical: https://mollie.com/.well-known/security.txt
Hiring: https://jobs.mollie.com/
Expires: 2025-09-01T13:37:00Z

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEEBDdLmthFVuPRydYtyKYEs4tuEckFAmbW3tQUHHNlY3VyaXR5
QG1vbGxpZS5jb20ACgkQyKYEs4tuEcmCFw//cUXsWUDw4ZUPCUc7Q5RFqXI7ZGvz
3DwAK+/TZ7x0AHjYpEh/+7TE5Hq+TTPLF9LsJsbgHIITZ9YKkeaNXBHuxrmHEC06
/q1xuoHeHrLX7Wyez6IXny8vLrZ5GhcPZdoN5fXcSb9NY2rrUlm9A1WuCD2Ug8Sq
NZh5z1OteWRz3577uwREuHtgNFcPFWJUy0QwJ74HOO6UORDKRD+2OhH8HJ8CuN6C
9bohB4dtOkfYobU3xEwSD88xWTh/V2aAHMXvWNxFD1cp8Ce35I6NJ2I3N4d1yl3l
WzZYcG/KMSP8DP1iidkQdcJb1wXDSPWcrjOy2JsGZnHucydzX9OzAxN5R67K3yLq
gDAaRSywj+5pZhL3blLv3uQP+eqZmlvRu6wvpjgaU3LSgACHbsEpIBqkF8MhbBhU
bK1CuC5XZIR6LE9iZro29qcUk/SWjTMEfmsxt7LEFDwFzuuxUfrB2OaUuFL9uQBs
pu3N2LJeAuIHwdy/vAP6SCuTRiFZTNUNlSwrUa/veG7JE+Hy7/3w+7drgHFAGUNK
8FaV2pLn0gAOOEPpb4gIYwDVCw9p06yQppbV9d2Ryt99cj3UzhZKxtk20OvgRsti
tEuK5YrBA+zK+1ex70OLAEeafEb0yNnTocB5xFim7u/S3sX6tXB49QCcEhpfyu1K
EhWsdKsYa0NQMUU=
=0wop
-----END PGP SIGNATURE-----