A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

# Canonical URL
Canonical: https://clvb.nl/.well-known/security.txt

# Our security address
Contact: https://daxis-ict.nl/meld-kwetsbaarheid/
Contact: https://daxis-ict.nl/report-vulnerability/

# Our security policy
Policy: https://daxis-ict.nl/meld-kwetsbaarheid/#policy
Policy: https://daxis-ict.nl/report-vulnerability/#policy

# Hall of fame
Acknowledgments: https://daxis-ict.nl/hall-of-fame/

# These are the languages we speak
Preferred-Languages: nl,en

# Our OpenPGP key
Encryption: https://daxis-ict.nl/meld-kwetsbaarheid/
Encryption: https://daxis-ict.nl/report-vulnerability/
Encryption: openpgp4fpr:811100944C94E98784B291AC6C447AC1825F7655

# You shouldn't trust this file, once it has expired (like bad milk)
Expires: 2026-05-03T02:38:38Z

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEgREAlEyU6YeEspGsbER6wYJfdlUFAmmBbb4ACgkQbER6wYJf
dlVzlBAAoHuyE1UslwHA7R0UW+DRrssAWKEhFr/lONH0P2Oc6O3aLk5sC1oG5GsZ
0QxmAbFRYB8uFGRTtIwmd/JbPxoIQcFJ6POBHKxmcNhF8V9pcLOkvCoks7t1vznI
fxQvZxhHGV6UIhPIJv1B0PHVPTOpPO0EqS6WRwTANGXzvD8Y8rsUQLNa8RFY/JfK
5Udxu1F9vtkTjb4/4ui8eILLALHhXeN1s+VcdbNOM1XL2JrHBpIBHdR+q+5wAnsO
n1LYHYS/yjS5ou8/OnzSXsg16Log9QDnpTrjz/8jggetfxl8wH6VtdmIGvmVXiv/
KiRcLBO8O3nwWR4wcLmvH3/+0qd3tVSnExJwy7cKr/SlA/bHTWbjrTtX5qWBGHZI
BTrj9uPBGSaUH2h2Y7/lnyhjxuTxYFHzjhh7jkkQWoZFTdi5LKBWL/wtlpijq75L
6pTSJD7XBhqp+A8IIaCuz3ujcet74mp7Q4LrCLGAgYmD9rk6ns3jsZ6NDIO8rCuJ
31OKi0dDa1jE0s0s+aaqS6KPCpKnEaCqGkfzlgJbOid1VR+4ah1wXBfFVe2VhIEj
GYcSSwekMDTZcus+XCaBaSqAC4ViV4akfk1bXJ1rccoIfXn96xGFg5x2wg7A0Lir
50EVJz/+21P3wve/rQhnT1Z2gkb4zEdebbX2ETiee3kklTMAD/Y=
=SIku
-----END PGP SIGNATURE-----