A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

Contact: mailto:security@hackerhotel.nl
Canonical: https://hackerhotel.nl/.well-known/security.txt
Expires: 2030-12-31T23:59:00+00:00
Preferred-Languages: nl, en

Encryption: https://keybase.io/sigio/pgp_keys.asc?fingerprint=6afc0d835346c7296754113fd8674d8fc4f69bd2 (keybase.io/sigio) (Though plain-text is preferred for quick responses)

Acknowledgements: https://hackerhotel.nl/acknowledgements.txt

# Policy: We have a playful responsible disclosure policy, if you find an exploitable vulnerability, and notify us first , you earn a dish of original dutch Bitterballen, to be collected during the event ;-)
# We do not offer any other rewards besides acknowlegement in the above text file.