A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA256



# Domeinen van RUG kunnen met een 302 redirect verwijzen naar het bestand

# op https://www.rug.nl/.well-known/security.txt.

# Daarin staat het centrale meldpunt voor kwetsbaarheden en incidenten.

#

# UG domains can use a 302 redirect to point to the file

# at https://www.rug.nl/.well-known/security.txt.

# That contains the central reporting point for vulnerabilities and incidents.

#

Contact: mailto:cert@rug.nl

Canonical: https://www.rug.nl/.well-known/security.txt

Preferred-Languages: nl, en

Encryption: https://www.rug.nl/.well-known/pgp-key.txt

Policy: https://www.rug.nl/about-ug/policy-and-strategy/privacy-and-security-at-the-ug/responsible-disclosure

Acknowledgments: https://www.rug.nl/about-ug/policy-and-strategy/privacy-and-security-at-the-ug/hall-of-fame

Hiring: https://www.rug.nl/about-ug/work-with-us/job-opportunities/

Expires: 2024-10-31T23:59:00.000Z

-----BEGIN PGP SIGNATURE-----



iIIEARYIACoWIQQs2rtIrJPRJXKnt8v2FT4PDupG1wUCZUDSQgwcY2VydEBydWcu

bmwACgkQ9hU+Dw7qRtd9rQD+M9qzrSoyBeVu3B46Jew/oUkFN9huP3t+lYquf4ub

894A/1wOzpzSR1ZjdqfRpYodr9X6fxjtAWSQh2xjK/f5A/IN

=dZxF

-----END PGP SIGNATURE-----