small align text-align-left refresh

Reporting a Security Vulnerability

basic_heading secondary align text-align-left color text-black refresh

How to Report

body wide align text-align-left color text-black refresh

We encourage you to follow responsible disclosure guidelines, and to not disclose your finding publicly until a fix or workaround has been provided by Carbon Black.

Contact productsecurity@carbonblack.com to report a security vulnerability in any Carbon Black product or service. You can use our PGP key to encrypt sensitive information.

padding refresh
 
basic_heading secondary align text-align-left color text-black refresh

Vulnerability Reporting Guidelines

three_up_bullets color bg-gray refresh

Provide an appropriate level of detail including the steps needed to reproduce the issue, any code samples you wish to share, applicable screen shots, and other details that could facilitate our identification of the problem

Do not publicly share the vulnerability, or related details, until Carbon Black has released a fix

Allow a reasonable timeframe for Carbon Black to address the vulnerability and release a fix; Specific timeframes will be estimated during our assessment of your report

padding refresh
 
basic_heading secondary align text-align-left color text-black refresh

Carbon Black’s Commitment to You

four_up_bullets
  • We will provide prompt acknowledgement of your report

  • We will work closely with you to answer any questions

  • We will notify you when the vulnerability has been resolved and a release vehicle determined

  • We will publicly acknowledge your responsible disclosure (unless anonymity is preferred)