We aim to make the digital world safer by reporting vulnerabilities we find in digital systems to the people who can fix them. We have a global reach, but do it Dutch style: open, honest, collaborative and for free.
DIVD is a platform for security researchers to report vulnerabilities, supported by volunteers.
Just getting started with some presentations here and there
Timeline with vulnerability reports of our researchers.
Security Meldpunt deals with vulnerability disclosures in the Netherlands and is managed by Frank Breedijk.
Who we collaborate with, our sponsors and references
We are in the phase of starting up, so don't send us vulnerability reports yet. Any other enquiries are welcome.
our code of conduct
If you find vulnerabilities, you find out who owns the system, report to them first, with a clear proof of concept and your contact information. You don't: damage the system, download personal data or build backdoors. We believe social engineering, brute forcing and DDoS attacks are out of scope.
If you are responsible for a digital system, you should have a point of contact where researchers can file their report, promise to respond within three working days, update on the progress, warn others who might be affected, refrain from legal action and credit the researcher if the findings prove valuable.