A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@xxllnc.nl
Expires: 2026-05-13T23:00:00.000Z
Encryption: https://xxllnc.nl/.well-known/pgp-key.txt
Canonical: https://xxllnc.nl/.well-known/security.txt
Preferred-Languages: nl,en
Policy: https://xxllnc.nl/beleid-en-voorwaarden
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEE7yH8mwVCZD/HzGtesQmvARCoxPoFAmgkg6IACgkQsQmvARCo
xPrmtxAAgF+hesnTdvo6fBGNicOTjWgJvfmCjYMOQCR2BAniK6DxjQsSrfzuu9jx
c7PRy2ILADj/LBTAXth6CHpZwWWFyP42vq2d4YednB8KCbEdeo8qPRzakzpQPtQ7
1+qSgPs1ZIC//vfJIvjRclN5KNc8ha7sOv/eAzIy5MRpZ4q2K6yUrDwe+Wdaimvs
psgLeUoqaUcdoR6mu66Pg5LTTOENyIq5lerewsAAPrM0WlKSyn32uPPbwM32pdCM
e1aFIvwNdLVsehE4OJxl3F7WIb53Qh24J9eeO/xcQBgmTGufQtdYTh7W4YCVEm2j
e1cXvn7SCiTqAyc+WLZXYqp/gYmNqA+eKPbr4BrgJKbwcT80f0SlC9wq+uU3mmoD
k6HExmN4XlH6SHQrAmcwpAfI8pdqKaQTHzrJ6JJgPFbinEgX5rP1c9lYsxhrDzkS
us7ILdY3ww9ftoYnceezUJlhSQz+nUrCYJLyEV/239j1WksiJ7vzlf+I1FafSsW1
RIQhCZIaP979e22fiKyghE69XhoZm5Re75np9kgGHj80r4pNHn3WrKpXsnrkDP2h
LZEzW5OnkAXniAsQ4Q8yXtwk09z7+x+Nz8O9cWpINkfz0mU/Gsaow0RW7KAWoTl7
9xBS+jiW2CYI9ci2DBPWFWfWaj3nsVe+lroqcOULQ35ZxB4z+EU=
=97+e
-----END PGP SIGNATURE-----