Responsible Disclosure

At Validoku.io, we consider the security of our systems a top priority. But no matter how much effort we put into system security, there can still be vulnerabilities present.

If you discover a vulnerability, we would like to know about it so we can take steps to address it as quickly as possible. We would like to ask you to help us better protect our clients and our systems.

All submissions are audited by our security team.

What we ask you:

  • Email your findings to [email protected]. Encrypt your findings with our PGP key to prevent the information from falling into the wrong hands.
  • Not to abuse the problem by, for example, downloading more data than is necessary to demonstrate the leak or to view, delete or modify data from third parties,
  • Not to share the problem with others until it is resolved and to erase all confidential data obtained through the leak immediately after the leak has been closed,
  • Not to use attacks on physical security, social engineering, distributed denial of service, spam or third-party applications, and
  • Provide sufficient information to reproduce the problem so that we can resolve it as quickly as possible. Usually the IP address or URL of the affected system and a description of the vulnerability is sufficient, but more complex vulnerabilities may require more.

What we promise:

  • We will respond to your report within 3 days with our assessment of the report and an expected resolution date,
  • If you have adhered to the above conditions, we will not take legal action against you regarding the report,
  • We will treat your report confidentially and will not share your personal information with third parties without your permission unless this is necessary to comply with a legal obligation. Reporting under a pseudonym is possible,
  • We will keep you informed of the progress of solving the problem,
  • In reporting on the reported problem, we will, if you wish, include your name as the discoverer, and
  • As a thank you for your help, we offer a reward for every report of an unknown security issue. We determine the size of the reward on the basis of the severity of the leak and the quality of the report with a minimum of a voucher of € 50. We strive to resolve all problems as quickly as possible, and we would like to play an active role in the ultimate publication of the problem after it is resolved.

PGP key for responsible disclosure reports to our Computer Emergency Response Team
