If you believe you have discovered a security or privacy vulnerability in an FPT Software product, please report it to us.

I. How to report a security or privacy vulnerability

If you believe you have discovered a security or privacy vulnerability that affects FPT Software products, software, services, or web servers, please report it to us. We welcome reports from everyone, including security researchers, developers, and customers.

To report a security or privacy vulnerability, please send an email to [email protected] that includes:
• The specific product and software version(s) which you believe are affected
• A description of the behavior you observed as well as the behavior that you expected
• A numbered list of steps required to reproduce the issue and a video demonstration, if the steps may be hard to follow

Please encrypt sensitive information that you send by email. You’ll receive a reply from FPT Software to acknowledge that we received your report, and we’ll contact you if we need more information.

II. How FPT Software handles these reports

For the protection of our customers, FPT Software doesn’t disclose, discuss, or confirm security issues until our investigation is complete and any necessary updates are generally available.

FPT Software uses security advisories and our security-announce mailing list to publish information about security fixes in our products and to publicly credit people or organizations that have reported security issues to us.

For more information on CVD, please review the information provided in the following links:
https://www.iso.org/standard/72311.html

FPT Software Security Advisories serve as a supplement to the FPT Software Security Bulletins. They address security-related changes that may not warrant a full security bulletin but could still impact customers’ overall security posture.

These advisories allow FPT Software to share important security information regarding issues that may not be classified as vulnerabilities and therefore do not require a formal bulletin. Each advisory is accompanied by a corresponding FPT Software Knowledge Base article, which provides additional details about the changes or updates introduced with the advisory.

Stay informed and help protect your computing environment by keeping up to date with FPT Software Technical Security Notifications. For more information, please refer to FPT Software Security Advisories.