Become a volunteer

DIVD is a non-profit organisation run by volunteers and a network of likeminded organisations. So please signup as a volunteer.

Open roles Signup

Core values title

1 Ethical Integrity

Volunteers must demonstrate a strong commitment to ethical conduct in their work. They should prioritise the well-being and safety of internet users and respect privacy and legal boundaries while conducting vulnerability research.

2 Societal Responsibility

Volunteers should be driven by a sense of societal responsibility, understanding the importance of their role in making the digital world safer. They should be motivated by the greater good rather than personal gain, political agendas, or individual interests.

3 Collaborative Mindset

Volunteers should value collaboration and teamwork. They should be willing to work with diverse stakeholders, including vendors, researchers, and trusted partners, to coordinate vulnerability disclosure and mitigate risks effectively. Effective communication and cooperation are key to the success of DIVD's mission.

4 Technical Proficiency

Volunteers should possess a solid understanding of cybersecurity principles and techniques. If joining one of our technical teams, they should have the technical skills necessary to identify and analyse vulnerabilities in online systems effectively. Continuous learning and staying updated with evolving technologies and threats are essential.

Dynamic FAQ section, an extra FAQ

If this F.A.Q. doesn't answer your question, please do not hesitate to contact us. We'll do our best to answer your question to the best of our knowledge.

Contact All FAQ

Is it legal what DIVD is doing?

The Dutch jurisprudence is clear: if you serve a societal need with appropriate means, you are allowed to perform these small hacks in order to prevent the real damaging hacks. Our way of working is approved by the Dutch Public Prosecution Office the National Cyber Security Center.

Why did I receive an email from DIVD / CSIRT?

If we find a vulnerability, we’ll set up a case with all the details we know and how to patch this vulnerability. Then we scan known IP adresses to see if they’re vulnerable and if that’s the case we’ll send out an email to every vulnerable IP adress.

Our emails are personally written by one of our researchers and contain a link to the casefile on the csirt.divd.nl site.

Who works for DIVD?

Most of our volunteers work in cybersecurity as their daily job, this could be at a comercial security company, government or as a freelancer. Some of our volunteers don’t work in security at all but have great interest in making the digital world safer.

All of our volunteers are screened and provided an certificate of conduct. Our code of conduct is sacred, we do not deviate from it.

What type of vulnerabilities do you notify?

Anything that is classified as high risk / high impact. We prioritize the vulnerabilities we work on by various metrics, for instance how big the exposure on the internet is and if it is being actively abused or not.

How can we contribute this initiative?

Join DIVD as a volunteer or as a partner, put security.txt on your website, take action after you’ve received a notification email or make a donation.

Our proudest work

Picture of the entrance to a mine
case

CASE: GLOBAL VMWARE ESXI RANSOMWARE ATTACKS

Read more
case

CASE: AUTHENTICATION BYPASS & REMOTE CODE EXECUTION IN CONNECTWISE SCREENCONNECT

Read more
Picture of a bug (insect)
case

CASE : AUTHENTICATION BYPASS IN JETBRAINS TEAMCITY

Read more
1 / 3
who we are