A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Contact: mailto:security@planonsoftware.com
Contact: mailto:811@planonsoftware.com
Contact: tel:+31-24-641-3135 
Expires: 2026-03-23T21:21:27z
Preferred-Languages: en
Canonical: https://www.planonsoftware.com/.well-known/security.txt
Encryption: https://www.planonsoftware.com/.well-known/PublicPGPKey.txt

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBCAAGBQJo0w+CAAoJECF50eNahFAPWa0P/2dtWw2xyrVjlf9LUw+JUNXz
h04QRPw0luh9/YdDEXzu7yD4kVmzWse9wfRZlozoXbaFtzvR5aRRKqoYtauM7R3L
n4ZjtRjjD3g0CdJfCzV2HJiNEg8R+s8PZaMeVjlLA4OsIEkVa5cL5Sp0j3mnUk2B
2JeZZD8uDVUdGBa6UOml4tswsMPiVtAZRvXoJ8hXbRj0eHBJGYpY61PSwDEOjzOt
uXj/q8Jweg/6r3IwsMsUu6QDCxal5C4l0A6g4I33dC1CKkjtedI9858DnxBMjU7x
inAQaFnoh6x6SvmnlOtmpYMmn9X0HZvhiGod0SO9GvbhLyPIoF1LgHcTYNJPtRMp
dPl12cQhJPH+Vh+s0Mi7bmWhu36977Z2uh2Le1D6afVdM3BS2CKydcRPw6OcWemc
19Xsz460wWX3RMn4CI4ukBbBgl7ZlEXaTMxv8ipXId7v9vUqr0a8E4/EPT5oXUhI
gb6PAFYAHh3zB1is646iVeEDvYJjsfXsTUbmcJNXO2xfw/1In/d5AAWv6DAEOOzZ
+WwWTXBeNGoI9EqKDXnWwV6H3gXIiSd7EKQemeDjPTFF0tYqEpKBYKxYhjTcE9c+
qtiPw8dF3aboO9ftfHohG5225KIxy5oM6xZILyH2NEZhfdJyy11vP8kbWB3lBLKP
WeEH5o0KMEi9/DVgFQMD
=tC/X
-----END PGP SIGNATURE-----