-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Can Wong <[email protected]>
- Loading branch information
Showing
1 changed file
with
3 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -15,16 +15,14 @@ Reporting Security Issues | |
|
|
||
| We encourage you to report security vulnerabilities to us privately so that we can follow a coordinated disclosure process, allowing us time to thoroughly investigate security issues and publicly disclose them when appropriate. | ||
|
|
||
| To report security issues in our products or on ni.com, email <`security@ni.com`_> with sufficient details about how to reproduce the issue. You may use the `NI PGP key <https://www.ni.com/en/support/security/pgp.html>`_ to encrypt any sensitive communications you send to us. When you notify us of a potential security issue, our remediation process includes acknowledging receipt and coordinating any necessary response activities with you. | ||
| To report security issues in our products or on ni.com, email <`ni-psirt@emerson.com`_> with sufficient details about how to reproduce the issue. You may use the `NI PGP key <https://www.ni.com/en/support/security/pgp.html>`_ to encrypt any sensitive communications you send to us. When you notify us of a potential security issue, our remediation process includes acknowledging receipt and coordinating any necessary response activities with you. | ||
|
|
||
| If you are interested in reporting a security issue in an NI product other than NI LinuxRT, reference the company security page `here <https://ni.com/security>`_. | ||
|
|
||
|
|
||
| Requesting CVE Exposure information | ||
| ----------------------------------- | ||
|
|
||
| Vulnerabilities in community software packages are frequently fixed by patching the source code, without changing the package's final version number. Because of this, vulnerability scanners sometimes erroneously flag a package as being vulnerable to exploits which have already been patched. To request a disposition about whether your deployed version of NILRT is exposed to a vulnerability, send an email to <`product-security@ni.com`_> with information about your deployed system and the discrete set of interesting CVEs. | ||
| Vulnerabilities in community software packages are frequently fixed by patching the source code, without changing the package's final version number. Because of this, vulnerability scanners sometimes erroneously flag a package as being vulnerable to exploits which have already been patched. To request a disposition about whether your deployed version of NILRT is exposed to a vulnerability, send an email to <`ni-psirt@emerson.com`_> with information about your deployed system and the discrete set of interesting CVEs. | ||
|
|
||
|
|
||
| .. _[email protected]: mailto:[email protected] | ||
| .. _[email protected]: mailto:[email protected] | ||
| .. _[email protected]: mailto:[email protected] | ||