A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Contact: mailto:postmaster@jbsoft.nl
Expires: 2024-04-12T08:02:46Z
Encryption: https://jbsoft.nl/pgp-key.txt
Preferred-Languages: en,nl
Canonical: https://jbsoft.nl/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQGzBAEBCgAdFiEEsm7ajWZ/4OkWFwY28DCay4o4SZsFAmQ5CLUACgkQ8DCay4o4
SZtYYwv7BNZPVJqCyBdyBucm60AiP5nh+EnBUCs1NiPhDrVnRDph39M83axgIEL6
F2iqt6vZ9KIGsuIxhepbxpZ1L5/tG2uPGijvVHIAD3ALY6FS0SH7Tz00oFQ/4Paf
eGABAJGUlFM6LV+iYbXhWY5/cMDEszEOU2e/VD7aeOYiuH4kUufwZy79yfXx5CnS
Qxi+uuFhCyEDFdymg9CzM7vijMadauKpEQyLVsNJGWWJ0RgaXjmmB8wept4zvORC
kqpVdGlEc9eVTk8HT+FtP0c96cJiQYkQLkp90oGa4zy9jXw/vTH9t4OlB9xyaMSD
xbA9s80HarQMwje7O2d2aXDd/7fJ491D3MhOva6wVp47RNoYig/p43xGz5EpzM/d
24Q23iXezOHBHALdQhHy8nBggzQulZDaj7GYy97fH4TDQ9HamdIUCVmGmUDoy6Wj
adS5Wuuovny5QiIZlGOrptaikQk7KXLOb1kR3X5YT5yEvdQQyVIJ3fA64oPikTst
jezvKc3K
=X6uS
-----END PGP SIGNATURE-----