Bugtraq mailing list archives
Finding Vendor Security Contacts
From: "Ed Ravin" <eravin () panix com>
Date: Fri, 8 Nov 2002 22:39:24 -0500 (EST)
Mark Litchfield writes:
Does any one have or know of a security contact within www.real.com, as I have a serious issue to report. Tried the website, only have technical support and the web forms don't allow for much content.
At one of the BOF forums at LISA 2002, a representative from CERT, after describing their extensive network of vendor contacts, said that anyone who has trouble finding a security contact in a company is welcome to contact CERT. Though CERT will not give you anyone's email address, they will ask the vendor's security person to contact you directly if you request. [Note: I have no experience with CERT, I'm just reporting what their rep said at the BOF] Another tip is to find the press office / public affairs office on the vendor's web site - the PR folks usually understand the potential image problems of security vulnerabilities.
Current thread:
- Help Please Mark Litchfield (Nov 07)
- Re: Help Please Patrick Oonk (Nov 09)
- Finding Vendor Security Contacts Ed Ravin (Nov 09)