At Ctac, we consider the security of our systems to be of utmost importance. Despite our efforts to secure our systems, there may be instances where a vulnerability exists.
If you have discovered a vulnerability in any of our systems, we would appreciate it if you could inform us so that we can take measures as quickly as possible. We would like to collaborate with you to better protect our customers and our systems.
- Email your findings to security@ctac.nl. Encrypt your findings to prevent the information from falling into the wrong hands.
- Avoid exploiting the issue by, for example, downloading more data than necessary to demonstrate the vulnerability or accessing, deleting, or modifying third-party data.
- Refrain from sharing the issue with others until it is resolved, and promptly delete any confidential data obtained through the vulnerability after it has been patched.
- Avoid using attacks on physical security, social engineering, distributed denial of service, spam, or third-party applications.
- Provide sufficient information to reproduce the issue so that we can resolve it as quickly as possible. Typically, the IP address or URL of the affected system and a description of the vulnerability are sufficient, but more may be required for complex vulnerabilities.
We strive to resolve all issues as quickly as possible. We appreciate and thank you for your cooperation in helping us better protect our systems and those of our customers.