Responsible disclosure (EN)
Read our responsible disclosure below.
Responsible Disclosure Policy
At Hanab and its companies (hereinafter: Hanab), the security of our systems is a top priority. We do our best, but it is always possible that a vulnerability may be found somewhere. If a vulnerability is discovered, we would like to be the first to know so that we can take action to resolve the issue. If you find a vulnerability, please report it to us.
What you can do:
To report a vulnerability, please complete the details below and send them by email to meldpunt@hanab.nl.
Please do:
- Report the vulnerability as soon as possible to minimize our risk.
- Report it in a way that ensures others cannot (or will not) gain knowledge of it.
- Provide us with sufficient information so that we are able to verify the reported vulnerability and resolve the issue.
Please do not:
- Share the discovered vulnerability with others.
- Build in a backdoor.
- Exploit the vulnerability to see how far you can get.
- Modify, delete, or copy system data. To demonstrate the vulnerability, a directory listing will suffice.
- Change the system or its infrastructure.
- Repeatedly access the system or share access with others.
- Use brute force, social engineering, distributed denial of service (DDoS), spam, subject the system to physical testing, or use third-party applications to gain access.
We promise:
- A response and evaluation of your report within five working days.
- If our above rules regarding finding a vulnerability are not violated, no criminal charges will be brought against you.
- We will not share your details with others without your permission unless sharing is necessary to comply with a legal obligation. You are free to report a vulnerability to us anonymously.
- We will keep you informed of progress in resolving the vulnerability.
- We strive to resolve all vulnerabilities as quickly as possible.
Name:
Email address:
Your message: