Become a volunteer

Core values

1 Ethical Integrity

Volunteers must demonstrate a strong commitment to ethical conduct in their work. They should prioritise the well-being and safety of internet users and respect privacy and legal boundaries while conducting vulnerability research.

2 Societal Responsibility

Volunteers should be motivated by a sense of social responsibility and by understanding the importance of their role in making the digital world safer. Their motivation should come from the desire to serve the common good rather than from pursuing personal benefits, political objectives, or individual interests.

3 Collaborative Mindset

Volunteers should understand the significance of working together and cooperating as a team. They should be willing to interact with different stakeholders, including vendors, researchers, and trustworthy partners. Their responsibility includes managing vulnerability disclosure and effectively minimizing risks. The success of DIVD's mission depends greatly on clear communication and collaboration.

4 Technical Proficiency

Volunteers need a strong understanding of cybersecurity principles and methods, especially if they want to join our technical teams. They must have the technical skills to identify and analyze vulnerabilities in online systems effectively. It's essential for them to stay updated on the latest technologies and threats through continuous learning.

Frequently asked questions

If this F.A.Q. doesn’t provide the answer you’re looking for, feel free to reach out to us. We strive to respond to your queries to the best of our ability.

Contact All FAQ

Is it legal what DIVD is doing?

Dutch jurisprudence is clear: if you address a societal need using appropriate methods, you are permitted to execute minor hacks to prevent more damaging ones. The Dutch Public Prosecution Office and the National Cyber Security Center endorse our approach.

Why did I receive an email from DIVD / CSIRT?

If we find a vulnerability, we’ll set up a case with all the details we know and how to patch this vulnerability. Then we scan known IP adresses to see if they’re vulnerable and if that’s the case we’ll send out an email to every vulnerable IP adress.

Our emails are personally written by one of our researchers and contain a link to the casefile on the csirt.divd.nl site.

Who works for DIVD?

Most of our volunteers work in cybersecurity as their daily job, this could be at a commercial security company, government, or as a freelancer. Some of our volunteers don’t work in security at all but have great interest in making the digital world safer.

All our volunteers are screened, and have provided a certificate of conduct. Our code of conduct is sacred, we do not deviate from it.

What kinds of vulnerabilities do you report?

Any security vulnerability that falls under the category of high risk or high impact. The sequence in which we handle vulnerabilities is influenced by multiple metrics, including the level of exposure online and if the vulnerability is under active exploitation.

How can I contribute to this initiative?

You can join DIVD as a volunteer or as a partner, put security.txt on your website, take action after you’ve received a notification email, and/or make a donation.