A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

# Canonical URL
Canonical: https://clvb.nl/.well-known/security.txt

# Our security address
Contact: https://daxis-ict.nl/meld-kwetsbaarheid/
Contact: https://daxis-ict.nl/report-vulnerability/

# Our security policy
Policy: https://daxis-ict.nl/meld-kwetsbaarheid/#policy
Policy: https://daxis-ict.nl/report-vulnerability/#policy

# Hall of fame
Acknowledgments: https://daxis-ict.nl/hall-of-fame/

# These are the languages we speak
Preferred-Languages: nl,en

# Our OpenPGP key
Encryption: https://daxis-ict.nl/meld-kwetsbaarheid/
Encryption: https://daxis-ict.nl/report-vulnerability/
Encryption: openpgp4fpr:811100944C94E98784B291AC6C447AC1825F7655

# You shouldn't trust this file, once it has expired (like bad milk)
Expires: 2025-09-02T07:38:58Z

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEgREAlEyU6YeEspGsbER6wYJfdlUFAmg9VRMACgkQbER6wYJf
dlUZfw/8DNytQ3cUntFDX78OmknsjNwan+kdoCPYbsKC17JncY5BtzZeNzgxJ/Cy
VBhNYi7htWv/eX1dYscaQUwIVfcslHgiz6oyn2QJmryvyyrmjEfScqVWYt4ZK92M
I2/ha+PcR2Q+tPcpoOmKtzkUix1PCjDyj9auIN5b9TJJRXX2Vs0ohy8fSk/kov1o
Nw6kCKElJz+NV4NnaT2mm2nEAbHhzDQJWf/hEAwxDfX4ZL8CQYKKepGyauqG+Nqh
rlmp4nY97KJRsag1M1GOhM42JSQsuzlefcWbKiOZGvFuB3DeUYqT8+JGKdPxr1oY
/EVmVTIKKo0zD9d3wgVkrmVD+vEwP7B8uTxCNnp396iD+YMudZT5TU0b/7ozc7Zi
jdRrYO38LU7d7MKbnckFKkNjwgTOy/MECvotH3FPHIpTPSn1I/zSYWYHUaYE4+wd
6hBh+Wf/gmGhW1ymnV/cBYGG7YuOROidnRk9KW2qCuYgoR3tm4ATp16wS4sUD7Lu
M0nygVzV8vnpG8NgC7qgCmZ7NjIjP9eJHYms1ZxN7TDaaB4CxUiaFyKGWINBqLQS
lOt3eql7P2/0K4YboDs0tb2eSZMOOUFOymk8GJn0g7Y6ziNegQfWZlV+m5PoMT1L
PGfpByxmCYTcJ1b4TcluvFoUlDx8lxGN8BIXTn7aOtYFv2Xs4/Q=
=NDB7
-----END PGP SIGNATURE-----