A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: https://www.mmc.nl/contact/
Contact: https://www.comaxx.nl/contact/
Expires: 2024-02-06T00:00:00z
Preferred-Languages: nl, en
Canonical: https://www.mmc.nl/.well-known/security.txt
-----BEGIN PGP SIGNATURE-----

iQGzBAEBCAAdFiEE2mepkwRgJHWI8+T3VstdycCdBcwFAmT4Q78ACgkQVstdycCd
Bcwchwv/fnteKi8faLFoh+Iua3CBMgsRwXyJFLEhUNqZ+Xulwt0F19g12OrOdS7I
o6xNsXd+qGRErhFvXOiBvshET24A8fs59zc4uatjWgfiMAguYxnEbP9pMVbzut42
GGSVvueDdk5ENGD2uXtjLkif0msK7cQzuOPsT/cSRtKg9tZmlzCORHT+pS3ATfyp
puVNtuNvJ25E4yPqaZqYVpqUx1bYbcUPi/Hq/Bj8xSvDhPNFSck+jhSXlne8fj4V
vJftS5puaUouKo1s4Fg8QQDkS2YFTbjVCqruawirL8yQ/Qv8KTO+kqGyMbkdh5Fy
+czQqO3IeuSQqKp861ogz8PcUmO5XpjfxPeIkjI6YgIKgU6efNo/sl5XKNlt7KKj
d13HAFK7SY93BX7epBXvHC3QKpRxcJVJpqZW1YcWeMFsoAcIOjg7Gb/9KUOi7Jnh
d5a8sUwJ78rMN4M8NwPY2ue0MUlFp/YYWpLcX/CnVGToccwEvjmEfAIBmW5GQMzA
ZHaUhb4k
=uFIf
-----END PGP SIGNATURE-----