A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:cert@freedomnet.nl
Expires: 2024-12-01T00:00:00.000Z
Encryption: https://keys.openpgp.org/vks/v1/by-fingerprint/E1F4C4128093EF2DE5E6EEA98F1E46FCEADA8307
Acknowledgments: https://freedom.nl/responsible-disclosure/hackers-hall-of-fame
Preferred-Languages: en,nl
Canonical: https://freedom.nl/.well-known/security.txt
Policy: https://freedom.nl/responsible-disclosure
Hiring: https://freedom.nl/over-freedom/meer-over-freedom/vacatures
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE4fTEEoCT7y3l5u6pjx5G/OragwcFAmX4aUUACgkQjx5G/Ora
gwfJDA//ZRIKa/JjXbficcl3FU4LZCCLGXjzC/PHwPF80vm0XiKqZ0LYA7swlNwe
u5NrQncJKr6jJKWkcaYlgOJDZfduTDi9OulGmxI0qUUrnVmujck2Z3GFx7vmOpex
ibvLMCac2oOp0k+wjWUKcA+hDtHjBJxXyIPEpIR3s21B4yMILsjEn+83er8z+4lk
NNJUU9aG6V2GeSYBdt/2Bq2CTWz2PjvHOrNcBUXCxQwTQix71A2AoddcpB8YoY6U
A/gpvCvm9mYg1uUnTybpYuoYGMACf2E3HXJvU803jCKkQv0qVsHssInXTdWaB8TX
0AVk/d4fB+TaVbiObNS1JYhEviB+fMGwaj5H1yjPWhNTdkbMNSQX2fQl34KxOh/b
IQYXew65JgczeRoSseoKSH9QLVejLYfX986JMidceCkzAdcJH16g6LArW+cbMfzp
AYRyRPRdXIorM3NINO5XSSIuhCvdtlsBrMIUtEMLCew2QFwv+WjzFEVfo2ZPnXPa
tbxDqWrmtkKrG4Tog8JkO5JEJmvBmHwvQ09e4yCACxAyW7KfLUD3IO97hADXD1pS
f6od/ykYJRp53LLxw4u8b5alT6wWw4Qyole32bPCSVaR+eR5Bp2FgvDxkAdI+E4o
iImF7SPnD1og9p/DfTN1yEuHevEQEvDf/F+8Ngj4BgJQqLnSEJE=
=pdGN
-----END PGP SIGNATURE-----