Blogs

The hoodies behind Zerocopter

Welcome back to our favourite blog series, the Hoodies behind Zerocopter! Check out this month's conversation with our Finance Manager, Thom Haller!

Act 1 - Security Theater in Play

What is security theater? Are we caught in the illusion of it? Check out our CPO's, Renza Gruter, personal security theater story!

The hoodies behind Zerocopter

Get to know the hoodies behind Zerocopter! Check out this month's conversation with Mark de Roos, our Chief Human Resources Officer.

The hoodies behind Zerocopter

Welcome back to the Hoodies behind Zerocopter! Check out this month's conversation with Adrianus Warmenhoven, our Technical Product Owner!

Digital defense in need of a larger vision by greater people

In this blog, Renza Gruter, our CPO and philosophical nerd, explores security solutions from a different perspective. Read her fresh take on the industry!

The hoodies behind Zerocopter

Get to know the hoodies behind Zerocopter! Check out this month's conversation with Mattijs van Ommeren, our Head of Research & Development!

The hoodies behind Zerocopter

Get to know the hoodies behind Zerocopter! Check out this month's conversation with Petr Mares, our frontend designer.

The hoodies behind Zerocopter

Welcome back to our favourite blog series, the Hoodies behind Zerocopter! Check out this month's conversation with Sergey Novik, our backend developer!

Edwin van Andel on Coordinated Vulnerability Disclosure and NIS2

Our CTO, Edwin van Andel, talks about Coordinated Vulnerability Disclosure (CVD) milestones in the Netherlands and its importance in the new NIS2 directive!

The hoodies behind Zerocopter

Welcome back to our favourite blog series, the Hoodies behind Zerocopter! This month we sat down with Delia Sirbu, Sales and Marketing Specialist.

The hoodies behind Zerocopter

Get to know the hoodies behind Zerocopter! Check out this month's conversation with Maarten Boone, our Security Researcher.

What is template injection?

Welcome are back with our next blog on top reported vulnerabilities! This month we are diving deeper on Template Injection vulnerability. Check it out here.

The hoodies behind Zerocopter

Welcome back to our favourite blog series, the Hoodies behind Zerocopter! Check out this month's conversation with Renza Gruter, our Chief Product Officer.

What's the key to a successful Coordinated Vulnerability Disclosure process?

Why is it important to have a CVD policy? And how can you make sure that the process of disclosing vulnerabilities is successful for both parties? Read here

The hoodies behind Zerocopter

Whoohoo! It's cybersecurity awareness month and we have a special edition of the Hoodies behind Zerocopter for you, featuring our CTO, Edwin van Andel!

Why is having a Security.txt so important and how can you create one?

Last week, Zerocopter, together with Digital Trust Center presented the importance of having a Security.txt. We also created a tool to help you create one!

Let's talk about Local File Inclusion

We are back with our next blog on the top reported vulnerabilities! This month we diving deeper on Local File Inclusion vulnerability.

The hoodies behind Zerocopter

Get to know the hoodies behind Zerocopter! Check out this month's conversation with Daria Soliieva, Sales and Marketing Specialist.

What is Cross Site Request Forgery?

Welcome back to our blog series on the top reported vulnerabilities in our platform!This time we are diving deeper on Cross Site Request Forgery vulnerability

The hoodies behind Zerocopter

Get to know the hoodies behind Zerocopter! Check this month's conversation with Joni Hasanen, our Software Developer.

The hoodies behind Zerocopter

Get to know the hoodies behind Zerocopter! Check this month's conversation with Mariusz Pruszynski, our Software Developer.

Let's talk about SQL Injection

Welcome back to our blog series on the top reported vulnerabilities in our Bug Bounty and CVD programs! Check out this month's blog on SQL Injection.

The hoodies behind Zerocopter

Get to know the hoodies behind Zerocopter! Check this month's conversation with Chloe Hollman, our Customer Success Manager.

Zerocopter has joined Security Delta (HSD) security cluster!

HSD sat down with our CEO, Erik Ploegmakers, and talked about this partnership, about Zerocopter's ambitions and future plans. Check out the interview!

What is an Insecure Direct Object Reference (IDOR)?

We are back with our next blog about the top reported vulnerabilities! This month we are casting light on the Insecure Direct Object Reference (IDOR).

The hoodies behind Zerocopter

Get to know the hoodies behind Zerocopter! Check this month's conversation with Jan Albert Jonker, our Head of Sales.

The hoodies behind Zerocopter

Get to know the hoodies behind Zerocopter! Check this month's conversation with Tanya Fomina, Head of Customer Success.

What is cross-site scripting (XSS)?

Read our first blog on the most frequently found vulnerabilities in our platform! This month we are diving deeper on the types of cross-site scripting (XSS)

Your gateway to go One Step Beyond in cyber security

Last year witnessed some of the most severe cyber-attacks want to learn how we protect you from such attacks by going one step beyond? Read it in this blog!

The hoodies behind Zerocopter

Get to know the hoodies behind Zerocopter! Check this month's conversation with Lennaert Oudshoorn, our Security Analyst.

Reporting tips: using Markdown to make your report look better

How can you make your report more visually appealing? Read our blog to see some tips and tricks!

The hoodies behind Zerocopter

Get to know the hoodies behind Zerocopter! Check out this month's conversation with Lars van Zadelhoff, our UX designer.

Reporting tips: setting the severity of a report with the CVSS calculator

How do you set the severity of a report with the CVSS calculator? How do you write a good report? Read the blog to find some insightful reporting tips!

The hoodies behind Zerocopter

Get to know the hoodies behind Zerocopter! Check out this month's conversation with Warner Dijkstra, our Finance Manager.

Go One Step Beyond: keep cybersecurity human

The hoodies behind Zerocopter

New blog series alert! Get to know the hoodies behind Zerocopter. Check out this month's conversation with Chantal Stekelenburg, our Head of Researchers.

New guide from Cybersprint: This is how you hack a city

Have you ever wondered how can you hack a city in a controlled manner? Read here now:

Zerocopter announces new Head of Researchers

As of November 1st 2021, Zerocopter is delighted to announce that Chantal Stekelenburg is now our new Head of Researchers.

How better security enables you to go one step beyond

We don’t need to tell you the statistics of hacks that are happening right this second or share with you the impact a breach can have.

How to get secure in ten minutes

Each year, October is European Cyber Security Month. To raise awareness, but also to share knowledge and organise interesting events around this subject.

Why having a #FirstAidKit is not enough for proper cyber security - but does help!

Strengthen your IT security with Coordinated Vulnerability Disclosure.

Don’t let vulnerabilities become your weakness: implement a Coordinated Vulnerability Disclosure program

Coordinated Vulnerability Disclosure is an indispensable tool for your cyber security. Zerocopter explains what it is, and how to use it in this blog.

Kaseya ransomware attack: Interview with the Dutch Institute for Vulnerability Disclosure

Interview with two DIVD volunteers about the Kaseya ransomware attack and how did they find some vulnerabilities 3 months before the attack.

New buyer's guide from Cyber Safe Netherlands

Make the right choice when it comes to requesting cybersecurity services with the new buyer's guide from Cyberveilig Nederland

Blog 3: preventing a (next) cyber-attack

Welcome to the third and last blog in the series about surviving a cyber-attack. Here we explain what should be done to prevent a (next) cyber-attack.

Blog 2: the next steps in surviving a cyber-attack

In this blog we explain what should be done further (and by whom) to deal with the consequences of a cyber-attack.

Blog 1: the first steps in surviving a cyber-attack

In this blog, we explain what should be done (and by whom) first to deal with the consequences of a cyber-attack.

Changing the way Zerocopter rewards

Changing the way Zerocopter rewards by implementing a CVSS-calculator and minimum rewards.

Zerocopter announces new CEO

Zerocopter announced today that Erik Ploegmaker has been appointed as CEO.

What is a Coordinated Vulnerability Disclosure program?

In this Zerocopter blog, we explain what a Coordinated Vulnerability Disclosure program is and why you should run it to keep your IT systems secure.

Bug bounty programs: what, why, and how

In this Zerocopter blog, we teach you what a bug bounty program is, why you should run bug bounty programs and how to start one.

Bug bounty voor de CoronaMelder-app

Op woensdag 20 januari 2021 om 13.37 uur zijn we op het Zerocopter platform een bug bounty programma gestart voor de CoronaMelder-app.

Zerocopter Recon - the ultimate start for organizations

Zerocopter Recon is the ultimate start for organizations, to get an accurate overview of your public facing attack.

Enable software developers to build secure applications by design with OWASP SKF

Enable software developers to build secure applications by design with the open source OWASP Security Knowledge Framework Labs.

OWASP SKF labs - 50+ examples of vulnerabilities and guides on how to exploit them

In the OWASP SKF Lab repository you can find over 50+ examples of vulnerabilities and guides that will show you step by step how to exploit them.

Zerocopter supports WijHelpenZiekenhuizen.nl to assist healthcare institutions

Zerocopter and other Dutch cybersecurity companies are joining forces to protect healthcare institutions against cyber criminals during the corona crisis.

Why am I interesting for criminal hackers? Edwin van Andel in Dutch TV show "Knappe Koppen"

Edwin van Andel is one of the bright minds in Dutch TV show "Knappe Koppen" presented by Gregory Sedoc.

You’ve convinced the board. Now what?

Working with researchers through the Zerocopter platform offers advantages no other method of testing can deliver.

How to convince your board to change its perspective on security

Security incidents are a business-wide management issue. But how do you convince the board of this fact? Read this blog to find out.

8 problems with the traditional pentest

Pentests are snapshots. After clicking, the picture doesn’t reflect the current state anymore. Here’s the rest of the problems with the pentest.

Embrassez un hacker...

L’entreprise X a été piratée et 3 millions de données personnelles se retrouvent dans la nature. C’est un gros titre que l’on pourrait lire dans n’importe

Zerocopter Pledges Support for the Hack_Right Program

Zerocopter supports the Hack_Right program and is happy to help convince young hackers to use their qualities for the greater good.

A new perspective on security: your board needs it

Our CEO Edwin gives at least four arguments you need to convince your board that repositioning security is not optional in the modern climate.

Zero Days of Love ♥️ | our CTO explains CDI pipelines and his role in OWASP. If you’re interested...

Give developers the security requirements upfront before the code-writing process starts, allowing for a much cleaner code architecture.

Zerocopter chosen as a 2019 Red Herring Top 100 Europe Winner

We couldn’t be more proud to be a Red Herring Top 100 Europe award winner! Red Herring enlists outstanding entrepreneurs and promising companies.

When a fun idea spirals out of control - The Office Bug Bounty Game

NIXU and Zerocopter announce IoT-Triage partnership

Zerocopter and Nixu are collaborating in the field of online security and the security of IoT devices. The parties offer a unique triage service.

Dutch companies set up new Cyber Safe Netherlands industry group

The aim is to increase digital resilience of the Netherlands and to increase the quality and transparency within the cybersecurity sector.

Techshift, for the first time in Iasi

On November 20, 2017 Zerocopter CEO Edwin van Andel was a speaker at TechShift in Iasi, Romania. Watch the interview here.

Bug Bounty Programs, the Way to Turn Black Hats Into Ethical Hackers: Interview with Zerocopter’s Edwin van Andel

We had a chat with Edwin van Andel, ethical hacker and CEO of Zerocopter, about the benefits and effects of bug bounty programs.

Victor Gevers goes to Las Vegas and DEF CON

HackerOne, Zerocopter, Insite Group and Embrace acknowledge, as an IT security expert, the huge importance of what Victor Gevers has done.

Edwin van Andel new CEO Zerocopter

From May 2017 onwards, Edwin van Andel is now Zerocopter’s new CEO. He has taken over founder Junior Meijering’s role.

Zerocopter's Edwin van Andel at the Amsterdam Permanent Beta day

Watch Zerocopter’s CEO Edwin van Andel at the Amsterdam Permanent Bèta Day, November 2016.

Teen Hacker Hacks United Airlines System, Gets Rewarded One Million Air Miles

Never did this teen security researcher think that discovering vulnerabilities in an airline’s system would earn him one million frequent flyer miles.

United Awards 19-Year-Old White Hat One Million Air Miles

United Airlines has handed out another million-mile bug bounty award to a security researcher – this time a 19-year-old Dutch hacker.

Why United Airlines Gave a 19-year-old Dutchman One Million Flyer Miles for Hacking Their Site

United Airlines’ UAL -0.36% bug bounty program will reward hackers with frequent flying miles for remote code execution, bugs and issues.

Good news: Teen hacker gets 1-million-air-miles bug bounty reward. Bad news: It's United

A Dutch teenage hacker received a million airline miles for finding bugs in the business’ code base. Unfortunately for him it's United that's paying out.

19-year-old Dutch Man Earned One Million Miles by Hacking United Airlines

Olivier Beg, a 19-year old security researcher, earned 1 million frequent flyer miles from United Airlines as reward in the bug bounty program.

Tips and tricks from a white hat hacker

Don’t do weird stuff and other tips and tricks from a white hat hacker in this video of Edwin van Andel, CEO of Zerocopter.

Best Cyber Security You're Missing Out On

Put up a shield against the cyber baddies. Protect your business against intrusions with the winners of the CreditDonkey Best in Cyber Security award.

Zerocopter introduces continuous cyber security platform

Cyber security has become a major challenge for businesses. Several Dutch startups are working on solutions to tackle this, including Zerocopter.

How to deal with a vulnerability reported by an ethical hacker?

How to respond and communicate with ethical hackers after a vulnerability report? Confirm, fix, communicate and report the problem to the authorities.

This is how hackers investigate your online security

One of the services we offer is that researchers check whether they can find vulnerabilities in your online security. Here we will explain how it works.

Why letting your website get hacked makes it safer - Responsible disclosure

One of the ways to improve the security of your website is by placing a responsible disclosure policy on your site. In this blog we explain how it works.

400 million victims in Friend Finder data breach

Some 412 million users of the largest dating websites should be worried, because in October 2016, Friend Finder was hacked and their data stolen.

Should we report our cybercrime leaks?

Dutch companies have the obligation to report on severe cyberattacks. Does reporting cybercrime contribute to a better society?

Why you should get yourself hacked by a group of hackers you don't know

When you put something online on the internet you are a target for hackers. So how to prevent this? Easy! Invite ethical hackers to hack you!

Let's hack together

We are really fond of hacking stuff together. Not only websites, but also the IoT stuff. Things like drones! Join our project to collaborate.

Zerocopter on Risk Governance

In May 2016, Zerocopter attended a meeting organized by the Delft University of technology, about input regarding a risk governance research project.

Connecting hackers. Is it frequencies? Or just interest?

I’m wondering about the strange links - or brain clicks - that hackers seem to have to other hackers and/or alike minds. Whut? Let me elaborate.

Newsflash: Mission impossible? Hacking a country and obtaining its citizens database…

What would happen if a database was leaked containing personal data of all citizens of an entire country? Hackers claimed it has happened with Turkish data.

5 ways to bypass CSRF protection

The easter bunny came by Zerocopter’s offices today and while he didn’t leave any eggs, he did leave 5 ways to bypass CSRF protection for you!

Bollo. The quest for a Zero-day scanner

We survived. We came out of the woods #winning. And we have an epic result of our team outing. We proudly present: Zerocopters Zero Day Scanning!

Why Mr Robot is awesome.

Mr Robot is awesome. It’s one of the best series that I have seen during the last year. And it’s way better than the hacking you normally see in series.

Exploiting blind cross-site scriptings

Internal systems developed with thoughts like ‘no one can reach this anyway’? They’re reachable, it just takes a little bit more effort.

HP ThinClients hacked. EasyTools; Easy to (ab)use!

This is about CVE-2015-2112 and CVE-2015-2113. HP ThinClients are shipped with Easy Tools software. This software allows a LOT. Uninstall / Disable it.

Scope: The final frontier

Is scope needed? Sometimes … yes. But if you want to really test your business, or website, or app, or network… give those researchers time, and room.

Edwin van Andel joins Zerocopter!

In January 2016, Edwin van Andel started at Zerocopter. He will strengthen us with his years of experience, and unorthodox view on information security.

Not all hackers are stealing your credit card info...

A lot of hacking happens with permission of the rightful owner of a site or device. It does however becomes illegal when you commit computer trespassing.