It is the goal of StudyWorks Development to make our computer systems as secure as possible. However, programmers make mistakes which can lead to vulnerabilities. It is our goal to fix those mistakes – and you can help.

We kindly ask people who find security vulnerabilities in one of our systems to become part of our responsible disclosure-program. The rules for responsible disclose are best explained by the Dutch government here, but we’ll go over a few key points:

1. After you have identified a security vulnerability in one of our systems, use one of our ways of contact listed below to notify us of the vulnerability. You do not notify any other party.
2. We’ll respond as fast as possible and inform you of any progress. We’ll also give you an estimated time of delivery for the patch.
3. After we have applied the patch and have confirmed the vulnerability is gone, we will let you know. We will also discuss if you’d like an acknowlegdement for being to first one to report this vulnerability to us.

We thank in advance all ethical hackers and curious people with good intentions for being part of our responsible disclosure-program.

How to contact StudyWorks Development for security vulnerabilities

During office hours, please call +31 30 744 05 38 and mention that you are calling regarding a security vulnerability. You will be redirected right away.

Outside of office hours or for those who prefer e-mails, please send an e-mail to cert@studyworks.nl. We ask you to encrypt your message first using our public key.