In the ever changing security landscape we are slowly seeing a shift from labelling hackers per default as ‘bad and malicious individuals’, to accepting them more often as ‘useful and potentially friendly’. We see more and more companies starting a bug bounty program and/or a Responsible Disclosure (Coordinated vulnerability disclosure) program.

We in the Netherlands are (at least in Europe) leading the pack on this last subject, backed heavily by the Dutch NCSC, the …