A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

# Hi there, thanks for taking an interest in zorg en zekerheid security! 

# You shouldn't trust this file, once it has expired (like bad milk).
# We are sometimes a bit forgetful, but we do have an annual re-occuring task to keep this file up-to-date.
Expires: 2025-09-13T11:56:54z

# If you think you found a issue or vulnerability, please let us know.
# Please always try to contact us through our Coordinated Vulnerability Disclosure process to speed up things.
# You can find the process here: https://www.zorgenzekerheid.nl/veiligheid

# Should that not be an option, then in order of preference the ways to contact us:
Contact: mailto:cybersecurity@zorgenzekerheid.nl
Canonical: https://www.zorgenzekerheid.nl/.well-known/security.txt

# You can find the csirt@zorgenzekerheid.nl PGP key in our DNS zone.
Encryption: https://www.zorgenzekerheid.nl/.well-known/PublicPGPKey.txt

# We can offer you a proper response in the following languages:
Preferred-Languages: nl, en

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBAgAGBQJn0sgoAAoJEKgsaJ57N4nvWfEP/3Kn3Jspz0uJPv7M+6kqKe50
kZddrsPQNjwogAZfEemgxSUF7n6VMThbg1e4FC9wc/UtdSLFCFOtUuR1n49qb7L4
sqd3LJ7YIW8Os3KkjC3AgKIMV+6YyZ1GLiPfhyzvjTm+IVZDCAV8qVoVtVrOry5Z
BAOFwqg9ZVYMQDlbq47K5Uw6hedLA+j0stqjKt+b1/lpHnWMuA5QwVjn/In0lK/o
VWn5GGE2/OiTJnkzFXXlZKpgQq7LkYh2D3zKqxRKhK2FagsCg3BpYAzd62wTJYUV
VgzotSepGyUyXwu5joWJ9Lsny2OmkRxHUi55rNpzcr2p2DGLKQ4ACP2MxON0HLH1
q07IrVwm+i0yGFtfTfOTI6H9emJgKhCybdmQ/OLOGU2pDKO9UfJlZ/JjcoIIafrc
tKO9IOzRPjXbCH89sMy/7NAz7stVEidk9SwJebFhhLf1zdOrJO0D48pRu3BbqKZX
Zq+bErlbOO8myYzd/vLYg1FIuJYb+G8VPMPaZ93ptQklT43u1OoKNINaoah4pQNW
f3NnMhnoEb1ZmnDIOk8jf68wNk1mUX58yGQdnVSTmmqX2q4Pzq4FBJOaGtL0De3u
Fn+LFsjC0uRDcj4chZdkvU5JpmKb8h/5j+U/y8Z7+b/0DHTzJRQI/f4LJnhSXUG5
ae2Z9A6AgsJh9oU2cVps
=TNSE
-----END PGP SIGNATURE-----