A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: https://www.indicia.nl/contact/cvd-melding/
Expires: 2025-01-01T00:00:00.000Z
Preferred-Languages: nl, en
Canonical: https://www.indicia.nl/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQJDBAEBCgAtFiEE+JhtfwpoizCsNxp4/Vwek3706fwFAmaB2owPHGljdEBpbmRp
Y2lhLm5sAAoJEP1cHpN+9On8rjgP/Ageal4F0zi8MtWotGMWu2m2hSTf9TXQlqpI
CntaM2vAo/c8+Qim5qoZUrjbv/Lehow7W2tjC4bMzWsVik14FjpYQsEMGagZjnKk
y02PtcVXP2wTLaCy+QnyKpqhf6WLX9+O6O2uqT+e32HCxCLTcRHhFgKDGFyz2D0w
XdfWltGwdZxhpZab/JryqxGQWAgvU71PLH+hF3x24xOcKnKyL7L+lk9klBV7m5zd
zWiAbsUQfCY6V80Z79rdxlgSZgxricbyWIgc64r0bE+rEzTB5nEbdxMSbfQiElRO
CVAvhEd5g9cyxcus+kwiW9BuPfM+I8O9LfUdFHJ3Z3x3CUsoZ4M59fxdakreKJRZ
Pgc1ibjOGPQG+EX/qMZEvxelwy3vqapHMjIwNBwCmLMYD/Qo/exJN6iV3ML4kHVs
XctXuSYdOF50dILO5x0IPHiIPcdZbcX8AAsqW0es/dlJybSOv5vkr+exi7jAPzg8
zN60FB72gr1eykwNsChHvuDAqaL4u+bIfp+ZzMMq395K4CFuYbPkyGyLGtorPkWk
40UpAE7fz6wHIxdgP9MI6nUF6LPPnrxKuJTDc8Uy6o3X2hHyyyJWtkrB3NxNk5Yu
zJBB9/V3XyyZrpvcrv4HD5aUXPZgSGRbXH79GjmTR/vgozP+a+YMjoUd49PZ6ose
/kSXtQgr
=woWP
-----END PGP SIGNATURE-----