What to do if you discover a weak spot or a flaw in our system vraaghetdepolitie.nl ?
- Email your findings to firstname.lastname@example.org;
- Provide sufficient information to reproduce the problem, so we will be able to resolve it as quickly as possible;
- Erase all confidential data obtained through the problem immediately after the problem has been solved;
- Leave your contact information (at least email address or phone number), so we can work together on a secure outcome.
What not to do if you discover a vulnerability in the ICT system?
- Take advantage of the vulnerability or problem you have discovered, for example by downloading more data than necessary, or deleting or modifying other people's data;
- Share information on the security problem with other parties or persons;
- Install malware or applications of third parties;
- Copy, change or delete data in the system or create a directory listing of the system;
- Perform attacks on physical security, attempt (distributed) denial of service, employ social engineering.
What we promise, what to expect from us?
- You will receive a reply, relating to the content of your report within five business days;
- We will treat your report with strict confidentiality, and will not share your personal information without your permission, unless Dutch law or a court order requires us to do so;
- We will keep you informed about the progress of resolving the problem;
- As a token of our gratitude you will receive a small reward for reporting a new and valuable issue, if the information provided actually did contribute to improving the security of our system. You will be admitted to our Hall of Fame.