Hey folks,

Just a quick reminder to double-check your automated tools before kicking off scans or probes—especially when it comes to rate limits.

We’ve seen a few cases lately where tools were hammering endpoints way harder than intended. It’s easy to overlook, but it can cause real headaches: slowdowns, false positives, or even getting blocked entirely.

So before you hit “run,” make sure:

• You’ve set reasonable delays between requests
• You’re respecting any published rate limits or usage guidelines
• You’re keeping an eye on how your tool behaves in real time

We all want clean results and happy systems—so let’s keep it smooth and respectful out there.

Thanks for being awesome 👊

Dear researchers,

We've increased the bounties for the critical and exceptional submissions!
We're very curious of what you can find.

Happy hunting!
The Water-Link Security Team

Hello researchers,

Given the severity of the log4shell-exploit, we have included this in our scope, so submissions using the exploit will be accepted
Thank you for the research!

Best regards,
Johan

Dear researchers,

Our new public website is finally live and has been added to the scope.

We're looking forward to seeing what you can find!

Cheers,
The Water-Link security team

Dear researchers,

Last week we experienced heavy loads on our sites.

As we are not sure whether this related to your testing, we like to check if this was part of your research activities or if it was a DDOS attack.

To be specific: we indicated a large number of requests on our Exchange server on 27/5.

If it was related to a research, we like to be informed, so we can stop the investigation on our site.

Thanks,

Johan