Definition of Security Vulnerability
Security vulnerability refers to a defect or weakness in the system that may be exploited to violate the system security policies during system design, deployment and operation or management.
Vulnerability Report Channel
The security vulnerability reporter may report any potential security vulnerabilities in SENIOR related products by directly sending an email to email@example.com. In order to verify and locate such vulnerabilities, the said email should include without limitation to:
1. Your organization and contact methods
2. Affected products and their versions
3. Vulnerability description
4. Technical details
5. Publicly available information
6. Possible vulnerability disclosure plan
To ensure confidentiality, we recommend you to encrypt your email using open PGP and send it to firstname.lastname@example.org. You can click here to obtain our open PGP public key.
Take the initiative to monitor suspected security vulnerabilities and problems and receive external reports to start the vulnerability response process;
Verify the authenticity and influence scope of suspected vulnerabilities and problems and carry out risk level assessment;
Develop and test mitigation measures according to the company's SENIOR-SDL development process;
4.Repair Information Disclosure
Disclose the repair information of relevant vulnerabilities to customers;
5.Feedback & Closed-loop Improvement
While improving product safety, keep receiving relevant information during product use for repair and iterations
SENIOR encourages vulnerability researchers, industry organizations, government agencies and suppliers to take the initiative to report security vulnerabilities related to SENIOR products to PSIRT. In case of any problems or risks of our products in data security protection, you can contact us by the following means, and we will reply to you within 15 working days after receiving your complaint or report.
Complaint and Report Email : psirt @ senior.com