Back to portfolio Taco Roumen tacoroumen.nl
Coordinated Vulnerability Disclosure

Security Policy

I consider the security of my systems a top priority. No matter how much effort I put into it, weaknesses can still occur — if you find one, I want to know so I can fix it as quickly as possible.

[email protected] PGP key Response within 3 business days
01

Scope & intent

This Coordinated Vulnerability Disclosure policy is not an invitation to actively scan or attack my systems.

If you identify a vulnerability in one of my systems, please report it responsibly using the guidelines below so I can address the issue without putting any data or third parties at risk.

02

What I ask of you

Email your findings to [email protected] and encrypt the message with my PGP key to keep the information out of the wrong hands.
Provide enough detail to reproduce the problem so I can resolve it quickly — usually the IP address or URL of the affected system plus a description is enough, though complex issues may need more.
Do not exploit the vulnerability, for example by downloading more data than necessary to demonstrate it, or deleting or modifying data belonging to third parties.
Do not disclose the problem to others until it has been resolved.
Do not use attacks on physical security, social engineering, distributed denial-of-service, spam, or third-party applications.
03

What I promise in return

I will respond to your report within three business days with my evaluation and an expected resolution date.
If you follow the guidelines above, I will not take any legal action against you regarding your findings.
I will handle your report in strict confidence and never share your personal details with third parties without your permission.
I will keep you informed of the progress toward resolving the problem.
As a token of gratitude, I offer a reward for every report of a security issue not yet known to me. The amount depends on the severity of the leak and the quality of the report.
Report a vulnerability

Found something? Let's fix it together.

Send an encrypted email and I'll get back to you within three business days.

Email [email protected] Download PGP key
© 2026 Taco Roumen tacoroumen.nl/security