Become a volunteer

Core values

1 Ethical Integrity

Volunteers must demonstrate a strong commitment to ethical conduct in their work. They should prioritise the well-being and safety of internet users and respect privacy and legal boundaries while conducting vulnerability research.

2 Societal Responsibility

Volunteers should be driven by a sense of societal responsibility, understanding the importance of their role in making the digital world safer. Their motivation should stem from the desire to serve the common good, rather than pursuing personal benefits, political objectives, or individual interests.

3 Collaborative Mindset

It is essential for volunteers to appreciate the importance of collaboration and teamwork. They should be open to engaging with a variety of stakeholders, such as vendors, researchers, and reliable partners. Their role involves orchestrating vulnerability disclosure and efficiently reducing risks. The accomplishment of DIVD’s mission heavily relies on effective communication and cooperation.

4 Technical Proficiency

It is crucial for volunteers to have a robust knowledge of cybersecurity principles and methods. If they are considering joining one of our technical teams, they need to possess the necessary technical expertise to effectively detect and scrutinize vulnerabilities in online systems. Keeping up-to-date with the latest technologies and threats through continuous learning is indispensable.

Frequently asked questions

If this F.A.Q. doesn’t provide the answer you’re looking for, feel free to reach out to us. We strive to respond to your queries to the best of our ability.

Contact All FAQ

Is it legal what DIVD is doing?

The Dutch jurisprudence is clear: if you serve a societal need with appropriate means, you are allowed to perform these small hacks in order to prevent the real damaging hacks. Our way of working is approved by the Dutch Public Prosecution Office the National Cyber Security Center.

Why did I receive an email from DIVD / CSIRT?

If we find a vulnerability, we’ll set up a case with all the details we know and how to patch this vulnerability. Then we scan known IP adresses to see if they’re vulnerable and if that’s the case we’ll send out an email to every vulnerable IP adress.

Our emails are personally written by one of our researchers and contain a link to the casefile on the csirt.divd.nl site.

Who works for DIVD?

Most of our volunteers work in cybersecurity as their daily job, this could be at a commercial security company, government, or as a freelancer. Some of our volunteers don’t work in security at all but have great interest in making the digital world safer.

All our volunteers are screened, and have provided a certificate of conduct. Our code of conduct is sacred, we do not deviate from it.

What kinds of vulnerabilities do you report?

Any vulnerability that falls under the category of high risk or high impact. The sequence in which we handle vulnerabilities is influenced by multiple metrics, including the level of exposure online and if the vulnerability is under active exploitation.

How can I contribute to this initiative?

You can join DIVD as a volunteer or as a partner, put security.txt on your website, take action after you’ve received a notification email, and/or make a donation.