Security Concern & Compliance Reporting

 

At Abaco, we take security and compliance very seriously. We have rigorous processes in-house to monitor these and resolve any issues – but we also need your help. If you become aware of any problem or vulnerability in an Abaco product or service that might compromise security or compliance, we want to hear from you about it as soon as possible.

Abaco PSIRT or CIRT will review and respond to your submission within 48 hours if possible, depending on the severity of the concern.

Security vulnerability, compromise or exploit in an Abaco product or service

To report a suspected security threat or vulnerability, please contact the Abaco Product Security Incident Response Team (Abaco-PSIRT) at security@abaco.com. (We support encrypted emails via our public PGP key.)

When you contact us, please provide the following:

  • Contact information (unless you wish to remain anonymous)
  • Email subject line: PSIRT
  • The name and version of the Abaco product or service
  • A description of the issue you have identified (for example:. privilege escalation, buffer overflow)
  • Information that will help us replicate the issue (for example:. configuration details, proof-of-concept or exploit code)

Data / network security incident involving Abaco data

To report a suspected data/network security incident, please contact the Abaco Computer Incident Response Team (Abaco-CIRT) at security@abaco.com. (We support encrypted emails via our public PGP key.)

When you contact us, please provide the following:

  • Contact information (unless you wish to remain anonymous)
  • Email subject line: CIRT
  • A summary of what you believe is the Abaco information being degraded, disclosed or denied
  • The IP address, domain name or email address involved
  • How you detected the activity