Skip to content

Commit

Permalink
Update NI email address
Browse files Browse the repository at this point in the history 
Signed-off-by: Can Wong <can.wong@ni.com>
  • Loading branch information
@usercw88 @amstewart
usercw88 authored and amstewart committed Oct 22, 2024
1 parent 783d2c0 commit e597130
Showing 1 changed file with 3 additions and 5 deletions.
8 changes: 3 additions & 5 deletions docs/source/policies/security_response_policy.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,16 +15,14 @@ Reporting Security Issues

We encourage you to report security vulnerabilities to us privately so that we can follow a coordinated disclosure process, allowing us time to thoroughly investigate security issues and publicly disclose them when appropriate.

To report security issues in our products or on ni.com, email <`security@ni.com`_> with sufficient details about how to reproduce the issue. You may use the `NI PGP key <https://www.ni.com/en/support/security/pgp.html>`_ to encrypt any sensitive communications you send to us. When you notify us of a potential security issue, our remediation process includes acknowledging receipt and coordinating any necessary response activities with you.
To report security issues in our products or on ni.com, email <`ni-psirt@emerson.com`_> with sufficient details about how to reproduce the issue. You may use the `NI PGP key <https://www.ni.com/en/support/security/pgp.html>`_ to encrypt any sensitive communications you send to us. When you notify us of a potential security issue, our remediation process includes acknowledging receipt and coordinating any necessary response activities with you.

If you are interested in reporting a security issue in an NI product other than NI LinuxRT, reference the company security page `here <https://ni.com/security>`_.


Requesting CVE Exposure information
-----------------------------------

Vulnerabilities in community software packages are frequently fixed by patching the source code, without changing the package's final version number. Because of this, vulnerability scanners sometimes erroneously flag a package as being vulnerable to exploits which have already been patched. To request a disposition about whether your deployed version of NILRT is exposed to a vulnerability, send an email to <`product-security@ni.com`_> with information about your deployed system and the discrete set of interesting CVEs.
Vulnerabilities in community software packages are frequently fixed by patching the source code, without changing the package's final version number. Because of this, vulnerability scanners sometimes erroneously flag a package as being vulnerable to exploits which have already been patched. To request a disposition about whether your deployed version of NILRT is exposed to a vulnerability, send an email to <`ni-psirt@emerson.com`_> with information about your deployed system and the discrete set of interesting CVEs.


.. _product-security@ni.com: mailto:product-security@ni.com
.. _security@ni.com: mailto:security@ni.com
.. _ni-psirt@emerson.com: mailto:ni-psirt@emerson.com

0 comments on commit e597130

Please sign in to comment.