Vulnerability Disclosure Policy
As a provider of security products we take security issues very seriously and recognize the importance of privacy and data security. We are committed to addressing and reporting security issues to protect users. Whether you’re a user of AnkerMake security products, a software developer, or simply a security researcher, you’re an important part of this process.
How To Report Security Issues:
If you believe you have discovered a vulnerability in a AnkerMake Security product or have a security incident to report, please fill out the vulnerability report form.
When we receive a vulnerability report, AnkerMake takes a series of steps to address the issue internally, referring to ISO/IEC 30111. All reported vulnerabilities are scored according to the Common Vulnerability Scoring System 3.1 (CVSS) standard.
Step 1: AnkerMake requests the reporter provide confidential detailed information of the vulnerability.
Step 2: AnkerMake investigates and verifies the vulnerability.
Step 3: AnkerMake fixes the vulnerability and verifies the fix across AnkerMake Security product lines.
Step 4: AnkerMake releases an OTA (over the air) update to the AnkerMake Security product.
Step 5: AnkerMake monitors the stability of the AnkerMake security product after the update.
Report receipt will be confirmed within 1 business day and a preliminary assessment will take place. Within 3 business days assessments will be complete and the vulnerability will be fixed or will have a remediation plan in place.
Critical risk vulnerabilities will be fixed within 3 business days.
High and medium risk vulnerabilities will be fixed within 30 business days.
Low risk vulnerabilities will be fixed within 180 business days.
Note, some vulnerabilities are subject to environment or hardware restrictions. Final remediation time will be determined according to the real-world situation.
We greatly appreciate anyone who can give us a chance to improve our products and services, and better protect our users.
Thank you for working with us through the above process.