Report a potential vulnerability
HP Software Response Center serves as security center to receive updates about potential security incidents, investigate them and evaluate the potential risk while working in parallel with HP R&D groups to execute an immediate response plan.
Security Response Center process
The Security Response Center has established an efficient process aligned with industry best practices to ensure that each potential security incident or vulnerability will be addressed, evaluated and communicated internally within HP in a timely manner in order to prepare a clear resolution plan.
Strong communication procedures
The Security Response Center has established communications procedures that comply with the HP’s policies on customer interaction and information disclosure. Upon resolution for a vulnerability, we will communicate all details directly to the customer or relevant parties (e.g. SSRT team, Support Center or relevant account manager). All resolutions are subject to be updated in security bulletins and will be updated on our website. After a resolution has been released, the Security Response Center will conduct the following actions in order to continue improving processes:
Case study details of the vulnerability found will be shared our R&D teams to assure similar vulnerabilities do not occur.
All case studies are uploaded to our internal HP Resource Center for future reference.
Ongoing security awareness
Case details will be integrated into our internal security newsletters, security awareness days and security training courses.