| layout | title | description |
|---|---|---|
default |
frontpage |
DIVD |
We aim to make the digital world safer by reporting vulnerabilities we find in digital systems to the people who can fix them. We have a global reach, but do it Dutch style: open, honest, collaborative and for free.
DIVD is a platform for security researchers to report vulnerabilities, supported by volunteers.
Security Meldpunt deals with vulnerability disclosures in the Netherlands and is managed by Frank Breedijk.
We are in the phase of starting up, so don't send us vulnerability reports yet. Any other enquiries are welcome.
If you find vulnerabilities, you find out who owns the system, report to them first, with a clear proof of concept and your contact information. You don't: damage the system, download personal data or build backdoors. We believe social engineering, brute forcing and DDoS attacks are out of scope.
If you are responsible for a digital system, you should have a point of contact where researchers can file their report, promise to respond within three working days, update on the progress, warn others who might be affected, refrain from legal action and credit the researcher if the findings prove valuable.