Vulnerabilities that pose a risk to system security can be reported to us. Examples include vulnerabilities that give the ability to bypass login forms or allow unauthorised access to databases containing personal information.
Not every defect in a system is a vulnerability. In general, the following defects do not result in a potential security breach and we therefore kindly ask you to not report such vulnerabilities to us:
Of course, if you are in doubt whether the vulnerability you have found suits one of the above exceptions, you can still report it to us. We will determine whether the defect constitutes a vulnerability and take appropriate follow-up actions.
After discovering, report the vulnerability as soon as possible to Royal HaskoningDHV using the button below. Consider encrypting the contents of your report using our ‘PGP key’.
In the event you find a technical vulnerability in one of the systems of Royal HaskoningDHV, you can report the identified vulnerability to us by providing the information below. This gives us the opportunity to take action first. Doing so is called ‘responsible disclosure’ or ‘Coordinated Vulnerability Disclosure (CVD)’.
To prevent the data from falling into the wrong hands, you can encrypt the content of your report using our ‘PGP key’. Please read our CVD Policy before submitting your report. Here you will find more information about how we will process your CVD and what is expected from you.
If you have a question or comment that does not relate to cyber security, please contact Royal HaskoningDHV via the general contact information on royalhaskoningdhv.com .
By submitting your report, you acknowledge that you have read and agree to the terms of the CVD policy. Next to that, you agree that the data you provided may be used for communication regarding the notification you made and for realising the reward if you are eligible.
In 2024, Royal HaskoningDHV created a 'Forest of Fame' to plant a tree and mention the (nick)name of each security researcher who reported a security vulnerability. This is to highlight and thank the researchers that have made a positive contribution to the digital security of Royal HaskoningDHV. To qualify, the following quality requirements must be met: