Zoeken

Responsible disclosure (EN)

Read our responsible disclosure below.

Responsible Disclosure Policy

At Hanab and its companies (hereinafter: Hanab), the security of our systems is a top priority. We do our best, but it is always possible that a vulnerability may be found somewhere. If a vulnerability is discovered, we would like to be the first to know so that we can take action to resolve the issue. If you find a vulnerability, please report it to us.

What you can do:

To report a vulnerability, please complete the details below and send them by email to meldpunt@hanab.nl.

Please do:

  • Report the vulnerability as soon as possible to minimize our risk.
  • Report it in a way that ensures others cannot (or will not) gain knowledge of it.
  • Provide us with sufficient information so that we are able to verify the reported vulnerability and resolve the issue.

Please do not:

  • Share the discovered vulnerability with others.
  • Build in a backdoor.
  • Exploit the vulnerability to see how far you can get.
  • Modify, delete, or copy system data. To demonstrate the vulnerability, a directory listing will suffice.
  • Change the system or its infrastructure.
  • Repeatedly access the system or share access with others.
  • Use brute force, social engineering, distributed denial of service (DDoS), spam, subject the system to physical testing, or use third-party applications to gain access.

We promise:

  • A response and evaluation of your report within five working days.
  • If our above rules regarding finding a vulnerability are not violated, no criminal charges will be brought against you.
  • We will not share your details with others without your permission unless sharing is necessary to comply with a legal obligation. You are free to report a vulnerability to us anonymously.
  • We will keep you informed of progress in resolving the vulnerability.
  • We strive to resolve all vulnerabilities as quickly as possible.

Name:
Email address:
Your message: