Reporting Suspected Vulnerabilities
If you encounter or find a suspected vulnerability in Westwell products, we would appreciate it if you could quickly inform us. Please report suspected vulnerabilities through specified channels in accordance with the security mechanisms.
Vulnerability Reporting Channels
You can submit any suspected vulnerabilities related to Westwell’s products via email firstname.lastname@example.org. We will investigate immediately all suspected vulnerabilities submitted by security researchers, organizations, clients, or vendors etc. Typically, you will receive an email confirmation from Westwell within 24 hours, and you will be updated on the status of the submitted case as appropriate.
Vulnerability information is sensitive. To ensure confidentiality, you are advised to encrypt the information sent to email@example.com using Pretty Good Privacy (PGP). You can click here to obtain Westwell's PGP public key (PGP fingerprint: F67BED9420299B20A429EFAE3E3044BDB580181B).
Throughout the vulnerability handling process, Westwell strictly ensures that vulnerability information is transferred only between relevant handlers. We sincerely request you to keep the information confidential until a complete solution is available to our customers.