Show the menu

Coordinated Vulnerability Disclosure Policy (CVDP)

Layout aanpassen:
<Pas uitlijnen afbeelding aan>
<Pas positie afbeelding aan>

<Voeg een paragraaftitel toe>

At De Lijn, we regard the security and continuity of our online services as one of our top priorities. Our specialists are working constantly to optimise our systems and processes. However, despite all efforts to secure our systems, vulnerabilities may still be present.

We investigate all reports of security loopholes affecting our web presence, mobile operations and API (application programming interface: the software interface that allows two applications to communicate with each other).

Are you a security researcher? Do you think you have found a security threat/vulnerability? If so, please help us by reporting it so that we can work together to improve the security and reliability of our systems.

You can do this by registering as a researcher on the Intigriti bug bounty platform, which brings together security researchers and businesses. The platform facilitates online security testing by working with experienced researchers.

Vulnerability reporting commitment

Once you have registered and submitted a report:

  • you will receive a confirmation of receipt from us
  • we will immediately forward your report internally
  • we will let you know when we have fixed the vulnerability

We only use your personal details to contact you about your vulnerability report. We never provide them to third parties without your permission.

Thank you for your support.

Information Security team – De Lijn

Last updated: 21/03/2022

<Voeg downloadbare bestanden toe>
<Voeg knoppen toe>