A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

# Canonical URL
Canonical: https://beheervanict.nl/.well-known/security.txt

# Our security address
Contact: https://daxis-ict.nl/meld-kwetsbaarheid/
Contact: https://daxis-ict.nl/report-vulnerability/

# Our security policy
Policy: https://daxis-ict.nl/meld-kwetsbaarheid/#policy
Policy: https://daxis-ict.nl/report-vulnerability/#policy

# Hall of fame
Acknowledgments: https://daxis-ict.nl/hall-of-fame/

# These are the languages we speak
Preferred-Languages: nl,en

# Our OpenPGP key
Encryption: https://daxis-ict.nl/meld-kwetsbaarheid/
Encryption: https://daxis-ict.nl/report-vulnerability/
Encryption: openpgp4fpr:811100944C94E98784B291AC6C447AC1825F7655

# You shouldn't trust this file, once it has expired (like bad milk)
Expires: 2025-07-04T05:54:58Z

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEgREAlEyU6YeEspGsbER6wYJfdlUFAmfvdDIACgkQbER6wYJf
dlVJfxAAkO0s1vVE2bUr3Im0os6P4g9zZrbEy21qz126uoGRBZw2QBUhkxl0dgAZ
vbRay24zB774VJssA5n38U1IQAJdUD8ScB0C2W/5YLKYFSHDp7SISjBJ/SpmNp0Z
ooOXy+1c/Ht4QBILF8tCR4pw6s+/eA7fTCtLKuGvy0fCDZcKtwInWgRl+2Xjv1FG
ywt5pko2egplC4DsS2KhxYo/TpzJSpX2BdePdTHgBvu1yzCxKFwXp9vI27ajrLBE
J9h5uidgza8Hm6GM0SThN6n/MIZ529RqP5jEojcZT8E4e2ItEmRJgPlKf2fgB4QZ
xpe6IIRpAtT3sJTKcb3zv6n5bW10UB1Jb2MTNBUmV86RZHPk5QJqysTlruYYQlRL
zuOV+lt10rABFeGPIC+q9/T/Kw7rZgprJpF41UVmoYMgieJ8Q4sLolzjrZmzAv/b
zo3neCCnJ0hcX0w4UfQb+OGwWbNg4H4co69kUyNRd3hgZngG4biZxRwZMwsbF6Fd
zd2WWePXeCZWLNQ5SSfvF3irQ48OVnRrE16V0DfqQBRnMeXbx3lWa+bkkt70LVhk
7nLRl2oPAZ+iNXmOa4pUPnSwediG6dHUW2mpwoNYBvxc8CYPg3gZqWjpBo8A2wzT
FeATATYHAApEmgWef0wXIvp8NPVLt5a2ZeSpBzWeZ9Z8jdihino=
=PIdF
-----END PGP SIGNATURE-----