A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Contact: mailto:security@planonsoftware.com
Contact: mailto:811@planonsoftware.com
Contact: tel:+31-24-641-3135 
Expires: 2025-10-15T21:22:11z
Preferred-Languages: en
Canonical: https://www.planonsoftware.com/.well-known/security.txt
Encryption: https://www.planonsoftware.com/.well-known/PublicPGPKey.txt

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBAgAGBQJn/s43AAoJECXlt2s3ldTP1t4P/iUtMVzUVJG7m8Ir9E8sjCfE
OlVTWEcUn1i2iJ6DDiZAl46DAJm7fasu6TurCtUKffklsf1Q7cuETL1jFoSH+Md4
d3gFRS1G5VITiADVSjKxlm+BHziWODy0SEgI07jZ6dhWBVxMt593mHdMkUmBCDXm
zMP4GXE5Qz5mzIuscPbv4dsK0/7yU6WwwewHWmgoLGsNKtoIWLwtHrfNhZrav23p
E0WULqWNejP4Ln1WJKB8FLkDZtRfqpeNJPH2PbxihrmMauVTwncCxWFnaZVGStGM
AyPFMkElLpgk8zqsNM8TfXitzSQqiiIZ3ErdcmB+J/xwUw/PtH1KqHYbLwBuzSO9
GFPdjfxzouYR7uHv1U/RvBqiewuQdlsB42HcbHlzMav9es+NC3FjEnUVRVCy7sW+
zYczm7hlojMbA3M9smKmnIMiY0TvWMhANl1BUKiBAbi2tIqzfvKQMp6gYZTMChs+
HsaK8xuZHr/W92ZsWXSKQMM1HVToep1tgB0RSlbLVGCYzjXLDagnogxShTgMYZ23
nl3j8pIVxkNFV0z9cevaYNJJmKmWAU0jIX2qoZXTR7ls/qdD8XvYuFxVnpqRN0Nm
aopF+tNyw4ZtFlN2MhRkEX/b3vuPMd0D90S8wUUgyyhnT4sbiVeZfLYutYJu89ML
l1pczTjPTCx2veYh3mIe
=CNKk
-----END PGP SIGNATURE-----