Security contacts and procedures
Flexera Software takes security very seriously and we aim to take immediate action to address serious security-related problems that involve our products or services.
Please report any suspected security vulnerability in a Flexera Software product or service to the Flexera Software Security Response Team, firstname.lastname@example.org.
When to contact the Flexera Software Security Response Team
You should contact the Security Response Team if:
- You think there may be a security vulnerability in a Flexera Software product or service
- You are unsure about how a known vulnerability affects a Flexera Software product or service
- You want to provide feedback about our standards of service and performance. If you feel your comment or complaint is not dealt with in a satisfactory manner, please contact the technical support manager.
When not to contact the Flexera Software Security Response Team
You should not contact the Security Response Team if:
- You require technical assistance (for example, "how do I configure my firewall?" or "how do I install patches due to security alerts?")
- Your issue is not security related
In any of these cases, please contact technical support for your product instead.
Who reads email sent to email@example.com
Only members of the Flexera Software Security Response Team, a restricted and carefully chosen group of Flexera Software employees, will have access to material sent to the firstname.lastname@example.org address. No outside users can subscribe to this list.
What to send to email@example.com
Please provide as much information about your system and the issue as possible when contacting the list.
How we respond
Email sent to firstname.lastname@example.org is read and acknowledged with a non-automated response within three working days.
Any information you share with us about security issues that are not public knowledge is kept confidential within Flexera Software. It is not passed on to any third-party without your permission.
Flexera Software does not provide an advance notification service. Security advisories are available from within our Knowledge Base.