From e5971302fbdf864172315e690033b1b30d294dc7 Mon Sep 17 00:00:00 2001 From: Can Wong Date: Fri, 18 Oct 2024 15:20:51 -0500 Subject: [PATCH] Update NI email address Signed-off-by: Can Wong --- docs/source/policies/security_response_policy.rst | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/docs/source/policies/security_response_policy.rst b/docs/source/policies/security_response_policy.rst index 9a282c2..21f26b6 100644 --- a/docs/source/policies/security_response_policy.rst +++ b/docs/source/policies/security_response_policy.rst @@ -15,7 +15,7 @@ Reporting Security Issues We encourage you to report security vulnerabilities to us privately so that we can follow a coordinated disclosure process, allowing us time to thoroughly investigate security issues and publicly disclose them when appropriate. -To report security issues in our products or on ni.com, email <`security@ni.com`_> with sufficient details about how to reproduce the issue. You may use the `NI PGP key `_ to encrypt any sensitive communications you send to us. When you notify us of a potential security issue, our remediation process includes acknowledging receipt and coordinating any necessary response activities with you. +To report security issues in our products or on ni.com, email <`ni-psirt@emerson.com`_> with sufficient details about how to reproduce the issue. You may use the `NI PGP key `_ to encrypt any sensitive communications you send to us. When you notify us of a potential security issue, our remediation process includes acknowledging receipt and coordinating any necessary response activities with you. If you are interested in reporting a security issue in an NI product other than NI LinuxRT, reference the company security page `here `_. @@ -23,8 +23,6 @@ If you are interested in reporting a security issue in an NI product other than Requesting CVE Exposure information ----------------------------------- -Vulnerabilities in community software packages are frequently fixed by patching the source code, without changing the package's final version number. Because of this, vulnerability scanners sometimes erroneously flag a package as being vulnerable to exploits which have already been patched. To request a disposition about whether your deployed version of NILRT is exposed to a vulnerability, send an email to <`product-security@ni.com`_> with information about your deployed system and the discrete set of interesting CVEs. +Vulnerabilities in community software packages are frequently fixed by patching the source code, without changing the package's final version number. Because of this, vulnerability scanners sometimes erroneously flag a package as being vulnerable to exploits which have already been patched. To request a disposition about whether your deployed version of NILRT is exposed to a vulnerability, send an email to <`ni-psirt@emerson.com`_> with information about your deployed system and the discrete set of interesting CVEs. - -.. _product-security@ni.com: mailto:product-security@ni.com -.. _security@ni.com: mailto:security@ni.com \ No newline at end of file +.. _ni-psirt@emerson.com: mailto:ni-psirt@emerson.com \ No newline at end of file