reshift. Responsible disclosure

You can email your findings to noc@reshift.nl. It is possible to send messages encrypted using this PGP key. A report can also be made anonymously. In that case, however, Reshift is not able to contact you for a possible reward.

Note: This email address is not for any errors you may find on a website such as a missing page or a text that is incorrect.

Rules
We ask you to adhere to the following rules:

• Provide as detailed a description of the vulnerability as possible, including log files if possible.
• Please leave your contact information so we can contact you about a possible solution more quickly.
• We will send you an acknowledgement of receipt as quickly as possible, as well as the time frame in which we expect to resolve any leak. The report will be kept confidential, and we will keep you up to date of the progress regarding the problem.
• One of our developers may get in touch with you for any follow up questions.
• Please handle the vulnerability carefully by not publishing it prematurely, by not placing backdoors, by not performing brute-force attacks to our servers or removing or copying any data. If you do, Reshift may report abuse.
• Do not use brute-force techniques or social engineering
• Do not change any data or settings on our systems

Publication
We ask that you do not publish anything regarding the vulnerability until our developers have solved the issue. After that, feel free to post a vulnerability on your blog or website.

In addition, Reshift is happy to place your name in our Hall of Fame of everyone who has helped resolve a vulnerability.

Reward
We are grateful to everyone who helps us resolve vulnerabilities in our systems, and are happy to hand out a reward. However, Reshift is under no obligation to hand out a reward.
Vulnerabilities that Reshift will consider a reward for are:

• Cross-site scripting
• SQL injection
• Encryption issues
• Data breaches relating to user data

The reward is determined by the publisher in consultation with our developers, and will be issued after the breach has been resolved. Every report (including those for which we do not consider a reward) will be published in our ‘Hall of Fame’, unless the reporter objects.

reshift. hall of fame

Mark
Bregman

September, 2019

Christopher Simmelink

February, 2020

Mateus
Riad

February, 2020

Ashish Kunwar

November, 2017

Vasim Shaikh

November, 2017

Marvin van Walstijn

September, 2017

Devansh Batham

September, 2017

Yeasir Arafat

October, 2017

Sajibe
Kanti

October, 2017

Faiz
Zaidi

November, 2017

Ahsan
Khan

November, 2017

Nitesh Sharma

July, 2017

Pal
Patel

July, 2017

Alwin Warringa

July, 2017

Damian Ebelties

July, 2017

Vishnu Reddy

July, 2017

Noman Shaikh

August, 2017

Victor Gevers

August, 2015

Roy
Jansen

April, 2016

Daniël Bakker

April, 2017

Pal
Patel

June, 2017

Damian Ebelties

June, 2017

Giovanni Chhatta

July, 2017

Scroll to Top

Student? Kickstart je Carrière!

Welke richting wil je op?

contact. Customer service

Apply. functie

Work. functie

Results

contact. general

Do you want to know how our brands and unique content can contribute to the experience of your business? Or do you just want to drop by for a nice cup of coffee? Call or email us to schedule an appointment, or fill out the form below!

contact. Sales

We would love to tell your more about what our commercial propostions, (non-)spot solutions, branded or owned content concepts, seminars, event shows and consumer events can do for your brand. Want to know what Reshift can do for your brand? Fill out the form below!