top of page

VULNERABILITY DISCLOSURE POLICY

Herald Datanetics Limited and AccuSense are committed to delivering safe and secure products and services. We work diligently to resolve security vulnerabilities when they are discovered.

This document describes Herald Datanetics Limited and AccuSense’s policy for informing users of potential security vulnerabilities in supported products and services.

Image by Scott Graham

REPORT A VULNERABILITY

Refer to Reporting a Product Security Vulnerability to notify us of an AccuSense product security vulnerability. You can also email Herald Datanetics Limited and AccuSense’s Security Incident Response Team directly at sales@accusense.com.hk.  Do not include any personal information when reporting a security vulnerability.

Herald Datanetics Limited and AccuSense aims to respond to all notifications within 48 hours. We also aim to provide status updates every 10 business days.  After submitting a report, you may send us a follow-up query, at any time, by emailing sales@accusense.com.hk.

pngsucai_7045843_f49793.png

COORDINATED VULNERABILITY DISCLOSURE

Herald Datanetics Limited and 

AccuSense participate in Coordinated Vulnerability Disclosure and strongly encourages our suppliers and researchers to do the same. This means Herald Datanetics Limited and AccuSense publicly disclose a vulnerability once mitigations are available.  Coordinated Vulnerability Disclosure protects users from cybercriminals because mitigations are available at the time of public disclosure. Herald Datanetics Limited and AccuSense does not disclose security vulnerabilities before they become public, or embargos are lifted.

IOT_llustration_1_edited.jpg

SECURITY
ADVISORIES

Security advisories are the primary method for communicating information about vulnerabilities related to our products and services and can be found on our Security Advisories in the user manual.

In cases where a third party notifies Herald Datanetics Limited and AccuSense of a potential vulnerability in our products, we will investigate the finding and may publish a coordinated disclosure along with the third party.  Herald Datanetics Limited and AccuSense may receive information about a security vulnerability from a supplier under a confidential or non-disclosure agreement or under embargo. Herald Datanetics Limited and AccuSense will work with the supplier to request that a security fix is released in these cases, although we may not be able to provide details about the security vulnerability.

bottom of page