A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

# Security.txt voor catchit-server5.nl
# Conform RFC 9116

Contact: mailto:info@catchit-server5.nl
Expires: 2026-03-18T06:43:15Z
Canonical: https://catchit-server5.nl/.well-known/security.txt
Canonical: https://www.catchit-server5.nl/.well-known/security.txt
Policy: https://catchit-server5.nl
Encryption: https://catchit-server5.nl/.well-known/pgp-key.txt
Preferred-Languages: nl, en
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQEcBAEBAgAGBQJoee0DAAoJELye++rVy0aCUlMIAJu6AMmY5LRIURyEjlmbczAC
nCQosiyaWCH627T049fTcSR33SaJ2F8LtXLMCtAlwv+ItrkGwHMbbOsU9HgRG86v
UJWZH8uquTpUF3xAvh+N7F4LfczXrGS3DaKiXlDzfUDnv4YXEyHkBqgGHhuvZijQ
C7gagsf2IkSE0UZQY7U26qFcnwOJ5Q1XHu1irOAmXYj81IlPbKrqfDBqOOZeO1sX
GP8D6z7d7wdg6y/ILF8i/GVnrNSRaw3LrTkDhDezC586b/9/wwNKt3HMBrLBl201
GIMT5lBDjXkwQid1knxhOkFkkvRFq6/DmT1ApV0LOUXimDGmyBmozf7pUdy2UIc=
=gP+z
-----END PGP SIGNATURE-----