A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

# Do *not* use this security.txt unmodified on your own website!

# Please always try to contact us through our responsible disclosure form
# to speed up things. Should that not be an option, then in order of
# preference the ways to contact us are:
Contact: https://security.ispweb.nl/contact
Contact: tel:+31735430400

Expires: 2024-05-01T23:13:12.000Z
Canonical: https://ispweb.nl/.well-known/security.txt
Encryption: https://security.ispweb.nl/gpg.asc

# We can offer you a swift and proper response in the following languages:
Preferred-Languages: nl, en

-----BEGIN PGP SIGNATURE-----

iQFGBAABCAAwFiEEuxClcXB9R88FzmXDzCYgmZiXHboFAmRSzmkSHHN1cHBvcnRA
aXNwd2ViLm5sAAoJEMwmIJmYlx26M+wH/2RsgAabcT3bk6S5gNlTcWI/NdV+uJxP
6m7+maP8AX7Rx755oLEHDZw8gNSmLzCcZdLFxrIMp+IMMXYIWL/f6H6h9gmopZJI
mNdLX0QO3G0mhJWsbkzM4GhNUj+CeRUFUeSqunHbcJNO9yhcpdGF5MVP4R/REylB
2GDge3Wzl/06Mlze2Qg67E8My0spvoQsnZ+jqXGRCMAM52QIDLCa36cLecZUXFYU
qdGB5nGIgS5WPgWJ9JZ1cpCx/CVVxrPJ5Is/b3hIglSveSRWQPymFNeRS8RKOULD
gIcJ9aV1KmbQqlsjTHk8mtpgxs4KUjmrK5bxFJ1pp8T0XPmel72k7N4=
=SPVQ
-----END PGP SIGNATURE-----