Security Issue Disclosure Process

Security contacts and procedures

Flexera Software takes security very seriously and we aim to take immediate action to address serious security-related problems that involve our products or services.

Please report any suspected security vulnerability in a Flexera Software product or service to the Flexera Software Security Response Team, security@flexerasoftware.com.

When to contact the Flexera Software Security Response Team

You should contact the Security Response Team if:

You think there may be a security vulnerability in a Flexera Software product or service
You are unsure about how a known vulnerability affects a Flexera Software product or service
You want to provide feedback about our standards of service and performance. If you feel your comment or complaint is not dealt with in a satisfactory manner, please contact the technical support manager at support@flexerasoftware.com

When not to contact the Flexera Software Security Response Team

You should not contact the Security Response Team if:

You require technical assistance (for example, "how do I configure my firewall?" or "how do I install patches due to security alerts?")
Your issue is not security related

In any of these cases, please contact technical support for your product instead.

Who reads email sent to security@flexerasoftware.com

Only members of the Flexera Software Security Response Team, a restricted and carefully chosen group of Flexera Software employees, will have access to material sent to the security@flexerasoftware.com address. No outside users can subscribe to this list.

What to send to security@flexerasoftware.com

Please provide as much information about your system and the issue as possible when contacting the list.

How we respond

Email sent to security@flexerasoftware.com is read and acknowledged with a non-automated response within three working days. For issues that are complicated and require significant attention, we will open an investigation and keep you informed of our progress every five working days at minimum. Alternatively, we will provide you with a mechanism to check the status of our progress at any time.

Any information you share with us about security issues that are not public knowledge is kept confidential within Flexera Software. It is not passed on to any third-party without your permission.

Advance notification

Flexera Software does not provide an advance notification service. Security advisories are available from within our Knowledge Base.

Security Issue Disclosure Process

Security contacts and procedures

When to contact the Flexera Software Security Response Team

When not to contact the Flexera Software Security Response Team

Who reads email sent to security@flexerasoftware.com

What to send to security@flexerasoftware.com

How we respond

Advance notification

Enterprise

Intelligent Device Manufacturer

Software Vendor

Government

Installation

Licensing

Entitlement Management

Delivery

Application Readiness

Enterprise License Optimization

Global Consulting Services

For Software Producers and Intelligent Device Manufacturers

For Enterprises and Governments

Education & Training

Installation and Application Readiness

Enterprise License Optimization

Top Support Resources

Account Resources

Additional Support

News

Events

About Flexera Software

Enterprise License Optimization Partners

Alliance Partners

Installation/Application Readiness Partners

Licensing, Entitlement Management & Delivery Partners

What We Do

Company

Other Sites

Follow Us

Follow us on Twitter