Response team

Product Security Incident Response

The Kudelski IoT Product Security Incident Response Team (PSIRT) is dedicated to managing reports of potential security vulnerabilities or incidents in Kudelski IoT products and services. Upon receiving a report, the PSIRT evaluates the issue and devises strategies to mitigate any potential impact on Kudelski's IoT products.

A shield with a checkmark

Key Benefits

Why Report a Vulnerability?

Reporting vulnerabilities and security incidents is a key part of the collective effort against cyber threats, enhancing the security of connected devices and services. This process not only improves product robustness but also contributes to the ongoing enhancement of security protocols. If you identify a potential vulnerability in a Kudelski IoT product or service, please reach out to us.

Report

How to Report a Vulnerability

To report a potential vulnerability, please email
PSIRT_IOT [at] nagra.com exclusively in English.
Your report should include:

Impacted Products or Services

Name, version, and revision numbers of the product.

Detailed Vulnerability Description

Technical details, discovery method, date, and the discoverer's identity.

Contact Information

For follow-up and additional inquiries.

Encrypt your report

For security reasons, we strongly recommend encrypting your report using Kudelski IoT PSIRT’s PGP/GPG Public key. Gpg4win | GnuPG
Fingerprint: 5B60 0B88 E5B3 5B6C E84F 3DFE FA3C 3DC9 260E 4FA7
Download PGP Key of Kudelski IoT PSIRT (right-click and save/download as .asc)

Acknowledgment & Response Process

How Kudelski IoT PSIRT Handles Reports

Kudelski IoT PSIRT is committed to upholding high security and quality standards in its products. The response process is as follows:

1

Notification

Acknowledgment of report receipt.

2

Review

Evaluation of the report to confirm if a Kudelski IoT product or service is affected and if enough information is provided.

3

Analysis

Detailed technical investigation of the reported vulnerability.

4

Corrective Actions

If confirmed, Kudelski IoT implements remedial measures.

5

Disclosure

Kudelski IoT communicates about the reported products and services to affected customers and partners regarding release of mitigation strategies, workarounds, or a timeline for their availability.

Responsible Disclosure Policy

Kudelski IoT PSIRT adheres to a coordinated vulnerability responsible disclosure policy. It is based on the CERT Guide to Coordinated Vulnerability Disclosure for expectations and guidelines.

Media Inquiries

If you are a member of the media with questions about Kudelski IoT product security, please direct your inquiries to marketing [at] kudelski-iot.com