Report a potential vulnerability

HP Software Response Center serves as security center to receive updates about potential security incidents, investigate them and evaluate the potential risk while working in parallel with HP R&D groups to execute an immediate response plan.

 

Security Response Center process

The Security Response Center has established an efficient process aligned with industry best practices to ensure that each potential security incident or vulnerability will be addressed, evaluated and communicated internally within HP in a timely manner in order to prepare a clear resolution plan.

sw | enterprise-software-security-center/response-center | full width image
 

Strong communication procedures

The Security Response Center has established communications procedures that comply with the HP’s policies on customer interaction and information disclosure. Upon resolution for a vulnerability, we will communicate all details directly to the customer or relevant parties (e.g. SSRT team, Support Center or relevant account manager). All resolutions are subject to be updated in security bulletins and will be updated on our website. After a resolution has been released, the Security Response Center will conduct the following actions in order to continue improving processes:

sw | blue icon | secure development

Information sharing

Case study details of the vulnerability found will be shared our R&D teams to assure similar vulnerabilities do not occur.

sw | blue icon | resources

Resource library

All case studies are uploaded to our internal HP Resource Center for future reference.

sw | blue icon | security experience

Ongoing security awareness

Case details will be integrated into our internal security newsletters, security awareness days and security training courses.