Report a security or privacy vulnerability
 

If you believe you have discovered a security or privacy vulnerability in an FPT Software product, please report it to us.

I. How to report a security or privacy vulnerability

If you believe you have discovered a security or privacy vulnerability that affects FPT Software products, software, services, or web servers, please report it to us. We welcome reports from everyone, including security researchers, developers, and customers.

To report a security or privacy vulnerability, please send an email to [email protected] that includes:
• The specific product and software version(s) which you believe are affected
• A description of the behavior you observed as well as the behavior that you expected
• A numbered list of steps required to reproduce the issue and a video demonstration, if the steps may be hard to follow

Please encrypt sensitive information that you send by email. You’ll receive a reply from FPT Software to acknowledge that we received your report, and we’ll contact you if we need more information.

II. How FPT Software handles these reports

For the protection of our customers, FPT Software doesn’t disclose, discuss, or confirm security issues until our investigation is complete and any necessary updates are generally available.

FPT Software uses security advisories and our security-announce mailing list to publish information about security fixes in our products and to publicly credit people or organizations that have reported security issues to us.

For more information on CVD, please review the information provided in the following links:
https://www.iso.org/standard/72311.html

 
Security Advisories
 

FPT-software Security Advisories are a supplement to the FPT Software Security bulletins. They address security changes that may not require a security bulletin but that may still affect customers’ overall security.

FPT Software Security Advisories are a way for FPT Software to communicate security information to customers about issues that may not be classified as vulnerabilities and may not require a security bulletin. Each advisory is accompanied by an FPT Software Knowledge Base Article to provide additional information about any changes or updates being delivered with the advisory’s release.

Help protect your computing environment by keeping up to date on FPT Software technical security notifications. For more information, see FPT Software Technical Security Notifications.