A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Canonical: https://pragema.eu/.well-known/security.txt
Contact: mailto:security@isaeus.nl
Preferred-Languages: en,nl
Encryption: https://isaeus.nl/pgp-key.txt
Expires: 2027-02-02T05:20:03Z

-----BEGIN PGP SIGNATURE-----

iQGzBAEBCgAdFiEEJKZYhMDk9HcLcYvO3hipuwbh0DEFAmmANAMACgkQ3hipuwbh
0DFGxQv+MTVmL6fMYEtRVCPOgfOD+DRwwfZS0kXTEE8Ta6qY6I2IUA2AHZ0perIY
jt/Mt+J3rw0/v4hXIde5JfH1sE8KMbfzENGojpcBC6RAHZR5tTTpwWfautYZ2FnI
v3W9Rjd9/88hdLHY2V6dWGqnN2BxodpbTv529EkUCkS5RW4RX7YfmXT7Xzm3EPxX
GDEg9+z5cQgHz25sWSwfay27JS6OHsnd22SJLMCbAcRKUr3tiEu/1enZMU8lDqK6
Tyn3ABe0YAVqPfq8zcKaIcrDRpaCrNqGEgn9sGaDZj/+P7UOMIQOr/rXr4FKpTly
vYjx8atmEOYB5/EW/cr1tB5m4YLKDSwjy55ixfhDEATH0iCVng+TXrwuxmflAREG
3XPp1UPqbMBvebcEavxoUqEU4T92oDsmsoAe+AwJ87PBgQNNtifLHuT4gwl/Krcv
nD+JMOkMS9cs80vABV24egE06RXjLuwQQMiSjeJuAk/zVeBsGax1XVHvP/vZYA8B
THuOTUvQ
=d+SA
-----END PGP SIGNATURE-----