A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:support@kcmsystems.eu
Expires: 2024-11-20T19:00:00.000Z
Canonical: https://kcmg.nl/.well-known/security.txt
Encryption: https://kcmg.nl/gpg.asc
-----BEGIN PGP SIGNATURE-----

iQHKBAABCgA0FiEEkk0rw89dnKJZsprucUo+SYyB5xIFAmVfW4UWHHN1cHBvcnRA
a2Ntc3lzdGVtcy5ldQAKCRBxSj5JjIHnErQ9C/0ZQvFp7EG6Xy8HDPuCsa2+gOCJ
VkzEvnyw4NSuFGsxiP/ZlRn0r9+xKUMOBngeVEXRCOnikR05C7ExtSYV3Xl1Pe6s
9iVpMNt2pWYJOQWTzQk/y5ZoFy82iUjCDFyGUjjTOm1brdyzv4fHbCkub6EPPKaJ
ppckglPC41R08s9Wg4GfXtaF/9yFi6XuHK8Wq3wNsVKLjuzINAg9WWNAKeeM1fSC
zLWlxXl9XTyWaO8bksv1pdsM5AsjvFlcfax3FfMffP8lgs0GJGmoPy58cAwGyWUb
fqF6eOf0Kq5BRB5DPSGQ3wIjYPMLF/U7dTrbzClobWrGwU+50pGuJp/EC26qvy0n
/sr0+rJACuOyR3WmubGHB5cizTSwo3wlaDtvFkny6zbPBedZXFdUFBnrJ1FQ3VVd
h+nyx5uDjoFb2rTGth/HLu+lNSuXdfKDyDzxiPlX38I8j99wAjzdX4kFcZz3K4Vo
c2DQYkHKZeoNUTUtrRDeRLj8PBCahrxFRMwUrac=
=S6YL
-----END PGP SIGNATURE-----