A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:karl@lovink.net
Expires: 2025-01-04T00:00:00.000Z
Encryption: https://pgp.mit.edu/pks/lookup?op=get&search=0x189A2BD708C678F3
Preferred-Languages: en,nl
Canonical: https://www.lovink.net/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEdAEe0RRL+gREs9oxGJor1wjGePMFAmWenDgACgkQGJor1wjG
ePOBEgf+NuL9UBRIy3y/mLjOkjwOdF/ZN4MiEWTFsY49ESxd9p7Lp5Kqq23nR51v
jYrtBy8QCoTW7zIJCTH9Pasy4rUX9WE+TVDj5lSm32nbVEz82ZKv63Uq0yozhNYS
1R91SRXGAgar3GNCogFqsxegwFHaLZ6Mbx+KTH3JNBKQr9TULloZtwTBx0//F/nH
SZBh2bVSLWLNIvyTueJnLnxV+LpGH/H6e8s4BAJbNjTv4TnapRSNjJ860a0XPkyc
Cd9Qf70Xc+xYglyZAHg0L5A6DmhH/k3r4kdLvElwZifmspx+Zrh1eWBegMkEwxyb
g9bHMTrgGRhw+gjDlX2+W+G9WbER/g==
=CZuQ
-----END PGP SIGNATURE-----