A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:guido@kroon.email
Expires: 2024-01-01T00:00:00.000Z
Encryption: https://kroon.email/pgp-key.txt
Encryption: dns:1275302e01cef631a7f8180c513d119a4e81fa7c160f337155da254d._openpgpkey.kroon.email.?type=OPENPGPKEY
Encryption: openpgp4fpr:2a9df1d597a0539033c9b3eb394c398c531efab0
Acknowledgments: https://kroon.email/hall-of-fame.html
Preferred-Languages: nl, en, sv
Canonical: https://kroon.email/.well-known/security.txt
Policy: https://kroon.email/security-policy.html
Hiring: https://kroon.email/jobs.html
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEKp3x1ZegU5AzybPrOUw5jFMe+rAFAmTeDB8ACgkQOUw5jFMe
+rAg0BAAl+J3x2PQyxc7ebANxkKBs4XME92WKtDRgfl6l7fp7qCTtMRFZC7idW7l
pTc9wKa28u30vGL0RxM3hW5hdDT6UDQrsjN++LI7HejPkLNgtc5pdIhBW3YkslAm
uoGcNs3fksuCDm5KJ9AMVlX7v8nmDmsaYQWD24dD4K+7KLISCwldC+9WZSz9+Glq
yN2HUpe5z1GJdjIq8X3V5DetDMQxD5fidIbl3V6/pLbAXkjrqC5f++NAVXCHwUec
sd8t+wqgCmGwWEGjdbGKh8y/AgScS1F59q4DT0IX/S7KUplp3f/PJHJ64NH9QCRk
oSuRrkJKIisQM0m6YisOq3+++NQ+anc38j0izWTCpcgP9qUflu23XgDfOrkQML04
Lmh35N1+JdFJ3nqRRJ/ma0vh7v5fhR2/eeH075+oSwvSyo2gjlWK9jp4AdJMEYdC
ooR2m8eUt0TTZmOe1BAW0KqHR08tGtRhgqeZhJvVL1IvwSHEbYng4tz3fL1vqCQP
oSdwJ6or+/u1B05AeBtMCmaGasN7DETCVGt1y1vkCGqEgNSQMsDJocZ28p7AZORU
WJRaYRwywBOg4AocgtPZw08Isralj/I+fFczqA/z5OVoAJ/NP0+RhuWR27hIftmx
rOljTag9cysPh4WWzNtt1yHknOzdkWiKry9G1rYAMpWU202yIJs=
=3C6v
-----END PGP SIGNATURE-----