You can help us keep our services safe and with it the information entrusted to us. If you think you have found a weak spot in one of our services, we would like to work with you to resolve this situation as soon as possible and thereby improve safe use. Therefore, we request that you immediately share this information with us.
- To prevent misuse of findings by others, we request that you use the following guidelines when submitting a report:
- Report the vulnerability (or the suspicion thereof) to the Computer Emergency Response Team VZVZ by e-mail to cert@vzvz.nl;
- Please provide sufficient information (such as a detailed description including IP addresses, logs, how to reproduce, screenshots, etc.) so that we can handle your report as effectively as possible;
- Do not share the vulnerability with others until it is resolved; Do not actively exploit the vulnerability. If this does happen, we will report this.
After a vulnerability has been reported, we will contact you as soon as possible, but no later than 3 working days, to make arrangements about a reasonable recovery period and a possible coordinated publication of the vulnerability. We treat your report confidentially and will not share your personal information with third parties without your permission. An exception to this is the police and the judiciary, in the event of a report or if data is requested.
VZVZ is very committed to secure and reliable communication for its customers. Your information can help us better protect the services we provide.