Have you found a weakness in one of our systems? Tell us about it!
At Nétive VMS, we consider the security of our systems very important. Despite our care for the security of our systems, there may still be a weakness.
If you have found a weakness in one of our systems, we would like to hear about it so that we can take action as quickly as possible. We would like to work with you to better protect our customers and our systems.
We ask you to:
- Email your findings to support@wpmasters.nl . Encrypt your findings with our PGP key to prevent the information from falling into the wrong hands;
- Not abuse the problem by, for example, downloading more data than necessary to demonstrate the leak or accessing, deleting or modifying third-party data;
- Not share the problem with others until it is resolved and delete all confidential data obtained through the leak immediately after the leak is closed;
- Not use physical security attacks, social engineering, distributed denial of service, spam, automated bulk penetration tests or third-party applications; and
- Provide sufficient information to reproduce the problem so that we can fix it as soon as possible. Usually the IP address or URL of the affected system and a description of the vulnerability is sufficient, but more may be required for more complex vulnerabilities.
- Excluded from this policy are (sub)domains whose technology is not managed by Nétive VMS. In this case, please follow the service provider’s policy. (An example is hello.netive.nl ). However, we would like to receive a copy of your report so that we can also follow it up with our supplier(s).
What we promise:
- We will respond to your report within 3 days with, if possible, our assessment of the report and an expected date for resolution;
- If you have complied with the above conditions, we will not take any legal action against you regarding the report;
- We will treat your report confidentially and will not share your personal information with third parties without your consent unless necessary to comply with a legal obligation. Reporting under a pseudonym is possible;
- We will keep you informed of the progress in resolving the problem;
- In notifying us of the reported problem, we will, if you wish, include your name as the discoverer; and
- As a thank you for your help, we will offer a reward for each report that we can confirm ourselves using your report of a security problem still unknown to us. We determine the size of the reward based on the severity of the leak and the quality of the report with a minimum of a €50 voucher.
We aim to resolve all problems as soon as possible and we are happy to be involved in any publication about the problem after it is resolved.
Hall of fame
These people have contributed to make our website more secure through responsible disclosure. Thank you very much!
2022
Sabarinath Panikan
2023
Sabarinath Panikan
Report security breaches
Report your discoveries through our Responsible Disclosure and let's build a safer digital future together!
If you discover vulnerabilities or security flaws in our systems, websites or applications, we encourage you to share them with us responsibly. Together, we can improve online security and prevent potential threats. Your contribution is invaluable.