A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:fabian@nostur.com
Expires: 2026-07-16T05:30:00.000Z
Encryption: https://nostur.com/Fabian-DEBF7A55.asc
Preferred-Languages: en, nl
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEud1SvC2xs3vE7fpeuUw95d6/elUFAmS0EhEACgkQuUw95d6/
elVlFQ/9FroVoOF0SDiD2FrcFBTsBKi54vOBe+v9InSiRpyJKpowm4uResMihZYk
gy0olv9RiFUDg4Wl09ynb/5uIiZMiIqYeKXo+nXTxxTVALN/UzyLGYEe7jZjkiHJ
61//xoz5PuN3+bJbxWVYeeFkBvIccm31gJ/hrsBv/QkaAUKQRZ7+Qn8TqaPyYUGc
+yhfWRobEJqN5C9DKtPtdl5xT8ib9O7ZQ5QgUtXdxnztIZAskYlDTR9RS1PxtXpM
4x4yJEoNg6MWNoLeJscXD1XT5S/O/JJfaaUUoFVbtw/0aJdv+7SKuueXI0/KJwsW
/AfW6dld89kOGs330LIGUlOxGu/AFXPTHuyV6QFHlvuR2H22XWZZjl+qN055t+fC
G+GisfLf250wRRqHWjavVTGTcKbp0I0urNFlR1ORXY2weqcdUx/QmtjWVkMQ1eRI
4eOYzGgvgzy/D6iqIbLSase/TBH4+vvXwsO1vD4UWcERFxJasQm4BvxlGGrPMvt3
1tycu9VHGqFP59Caf00ZHOS0YmP/uFXlrlEOIsDL62YYKBQAxEMarGAk7gkkDzmL
RjSpRvyWN8o+OroOP1No2b1dnEkoXvyDNEK4blrLNMeTjZE/VRyFf0fkSWyLQ9zz
2/wEo/lg05LERa/S7OGopvgqTkVg6SPeUpmC5+0Jo3nrGxHOKAY=
=5El8
-----END PGP SIGNATURE-----