A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

# Security.txt voor groozers.com
# Conform RFC 9116

Contact: mailto:info@groozers.com
Expires: 2026-03-18T06:16:08Z
Canonical: https://groozers.com/.well-known/security.txt
Canonical: https://www.groozers.com/.well-known/security.txt
Policy: https://groozers.com
Encryption: https://groozers.com/.well-known/pgp-key.txt
Preferred-Languages: nl, en
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQEcBAEBAgAGBQJoeeaoAAoJEAyqnkPXwQe0PIwH/36t2dNaIX/ZmrFmkO0+2mO4
OagGbxrrGcDNcAzv3eqUEAkaoNpXhwXK7TpLXQFPkLrtgUnQvJpKgJlq+DzhoRDY
4yFXFTjy0xZb0KWzomqJGHT/YN7PG+fsVV7RxlTOHkR+GbDl6i9yp/RdYlF9ljcS
PF2vBAxf20+bxNQkZ03pcefrxJ1/5X+D1YIuNLRKikxc5lK5pbDYI2qH2f70ysoA
CkKkkLgMzy7dblo9AIxFWsRkDyMIS1/Ow57vRoDfCjLwg9MKoyH13rl5RjCS+g+W
C5Y1i4n9m3sq3enCUr4FPE6bmPHdQ99d4/DeLyKdV1QAfOlo2mk3yHTJKuFDMzA=
=zeHl
-----END PGP SIGNATURE-----