A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# Security.txt

## Whitelisted domains:
# - "self" (current domain)
# - https://www.onyourmarks.agency
# - https://dvy7d3tlxdpkf.cloudfront.net
#
# * If any of the links in this file forward to an URL not listed above, the URL might be hijacked.
##

# Contact
Contact: mailto:security@onyourmarks.agency
Preferred-Languages: en, nl

# Expiration
Expires: 2024-07-26T12:00:00Z

# PGP
Encryption: https://www.onyourmarks.agency/pgp-key.txt

# Policy
Policy: https://www.onyourmarks.agency/security-policy/