A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

# Do *not* use this security.txt unmodified on your own website!

# Please always try to contact us through our responsible disclosure form
# to speed up things. Should that not be an option, then in order of
# preference the ways to contact us are:
Contact: https://security.ispweb.nl/contact
Contact: tel:+31735430400

Expires: 2024-05-01T23:13:12.000Z
Canonical: https://redirect.ispweb.nl/.well-known/security.txt
Encryption: https://security.ispweb.nl/gpg.asc

# We can offer you a swift and proper response in the following languages:
Preferred-Languages: nl, en

-----BEGIN PGP SIGNATURE-----

iQFGBAABCAAwFiEEuxClcXB9R88FzmXDzCYgmZiXHboFAmRSzmoSHHN1cHBvcnRA
aXNwd2ViLm5sAAoJEMwmIJmYlx26oTIIALqYCKcPfLd7qB8+5ZHrbOMIBQSWsfWW
755TW6NYqUOPmreVivjvTP+I1N+F9A7VtnFCkUgihuoXfXey+w0v1nP81PRBLm7H
AQzvNXFenfEMIanYEhBdpFq9QbzkloTatOGXhz29ulEfX2gGMNaWNib7aACCO6ib
wpw5KfPs1IGBztrHroOP3fGXlgfvH5qd97cs3ykX9U+otoDybYnLrevcxR+erDZ5
V4gcXzqan+M9UZ+xU3Su3uqvItHpVZmoLyjCtzPO+cLVqaM7zDjlN5hkIX1oRKyp
JQ7v2zN10YzVZoCO9h0vaysEtEKeXqNvefHaYjonC3SRaLjQmoMiLAw=
=td1y
-----END PGP SIGNATURE-----