A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

# Canonical URL
Canonical: https://daxis.nl/.well-known/security.txt

# Our security address
Contact: https://daxis-ict.nl/meld-kwetsbaarheid/
Contact: https://daxis-ict.nl/report-vulnerability/

# Our security policy
Policy: https://daxis-ict.nl/meld-kwetsbaarheid/#policy
Policy: https://daxis-ict.nl/report-vulnerability/#policy

# Hall of fame
Acknowledgments: https://daxis-ict.nl/hall-of-fame/

# These are the languages we speak
Preferred-Languages: nl,en

# Our OpenPGP key
Encryption: https://daxis-ict.nl/meld-kwetsbaarheid/
Encryption: https://daxis-ict.nl/report-vulnerability/
Encryption: openpgp4fpr:811100944C94E98784B291AC6C447AC1825F7655

# You shouldn't trust this file, once it has expired (like bad milk)
Expires: 2026-03-03T05:10:04Z

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEgREAlEyU6YeEspGsbER6wYJfdlUFAmkvxiwACgkQbER6wYJf
dlVrkA/9HHlA7mn0MArVXHAusvXW9Aq+mC/6w9L3PjiTvFxrWLYXyy7XtGzJlyQ2
HZdfr4EQfWM/eWvhmNA4ZRs+weerWE1PdTaD1DYgjbcCps4N4iWHV0zGQPo9GC/b
ekrHLF6HuoWqaoY0i2VvjM25pRkIyRpqHV0vKohOtZsYpFsQ8NkU6yM8Ze2xflKs
fl5Z1QCtsofoR5NvMm6852GiAoIj1/d7tFvW3meVbboPPeIvBwN2A5iNoA65j8gm
AGrsVaQ8hRcKY2hvcp/FKd96pi7d6QcXuOqYNZlPtBXqiWGiZnGF3ZXiu+Mlas6X
yds0no8hDEz+LCDqo2T81bxTBs/xGmfeAh8qy+U8MWKmjIipOORhjuhSWeLIoE7F
PecoG883yBuaec06FZtLpEm+eMkQA1552EgKMTNvtWK6jsMAuKv1absWJWsLdrMG
sfAe1RyYBiNx6+tKqRas4/FCBS//j5X4lrDr5qvFT6bGJK+/tV2MKIXIGRR2Zfvx
CQmFvM0OOMVJNdfVmUOwi5J0vDy71lxJZQGFANqv3+5gvDuSstCwgpnFzxLh72yK
VTDuORjXRxODhtzrFiqppb7Dx3Gjf5NsPNu3l4uHaGC5tiiDgFXXAKWdshS5cHjd
HgNgqKtY73nVXlxPWXaoNrrAOTQtMmpI0m/kswQfZnkKGsI6sIc=
=00jH
-----END PGP SIGNATURE-----