A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

# Canonical URL
Canonical: https://faktorij.nl/.well-known/security.txt

# Our security address
Contact: https://daxis-ict.nl/meld-kwetsbaarheid/
Contact: https://daxis-ict.nl/report-vulnerability/

# Our security policy
Policy: https://daxis-ict.nl/meld-kwetsbaarheid/#policy
Policy: https://daxis-ict.nl/report-vulnerability/#policy

# Hall of fame
Acknowledgments: https://daxis-ict.nl/hall-of-fame/

# These are the languages we speak
Preferred-Languages: nl,en

# Our OpenPGP key
Encryption: https://daxis-ict.nl/meld-kwetsbaarheid/
Encryption: https://daxis-ict.nl/report-vulnerability/
Encryption: openpgp4fpr:811100944C94E98784B291AC6C447AC1825F7655

# You shouldn't trust this file, once it has expired (like bad milk)
Expires: 2026-05-01T03:06:23Z

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEgREAlEyU6YeEspGsbER6wYJfdlUFAml+0T8ACgkQbER6wYJf
dlVJag/+JDQoB6P6YxtdLIev4tZCf1/ky08RF+MBufPUGEkzYtvneyyONrnlBF+M
Pk/m97h317di5rO8ee8V6aoSB++8MezXnzJDz5q2XcpwXutzZXiyv4CCh9WbMGtn
wPC7LGciePpDrhwusgAf3iEVdhcMlAm+DDPCfhJqImeRs/AIc7edsvGb95tPqBrw
tj4lGIN/mxRmddoSpGmpkEJnYxxPy4bbA+S2npYfuWGmajX4Z1UKDXYWehJ5zO2H
tqYi+PFwKtG5odq4KMb/1QFz8OlJb3T6dBmJppMKQGaUh8cyr7a6KzkIMvwUWATV
GLCwBu7GsaTREY05XhEMID3EZkGmWCggFKA6B+VBKPXBu2e1D/xTpzDvMZP8BGuv
S1lRuCyEkbzoBWSOg+OXoiAzWe+HoGyCH907JoR2p8zH5q+Fgu6vKh4JqQo+3K7G
O0I+r/AiyIwpNMjrJB6JhswxVLHVJYAZQ4gWzYTh4zbpYjLSh/FElGrYOAnXV5KZ
Zh71JKf9XopqLVVSfE71CBOkHyPl/Cq9uhRzw13iGl36f77ckBu3eW4r6mUR6cyI
5TZiP7lyQCh5dEiyTdNpfreAwROWmXgT84VzAKHvv49RFtQLMA+WSUVvZD+ri8EP
kmnxLQYdovXZsoBMvKLEDnDKkv7uwd9PrGfb8k/7ohR6i3QdQ8E=
=lZlT
-----END PGP SIGNATURE-----