SECURITY ADVISORY

SECURITY ADVISORY

Check category
/
/
BECA Product Security Advisory

BECA Product Security Advisory

BECA Product Security Advisory

BECA Product Software Updates

BECA will deliver an updated experience for you on a regular basis, including updated security patches. Several factors may affect the date you actually receive an update, e.g. device model, operator variants etc. Users are reminded that all maintenance releases should be accepted as soon as possible for ensuring best performance.

The details are as follows:https://github.com/BecaJack/Security

 

Report Vulnerabilities to BECA

We strongly encourage organizations and individuals to contact BECA’s security team to report any potential security issue.

Contact way

Email address:jack@becaenergy.com

HoursBECA will endeavor to respond to the report within five working days.

 

Responsible Reporting Guidelines

1. All parties to a vulnerability disclosure should comply with the laws of their country or region.

2. Vulnerability reports should be based on the latest released firmware, and preferably written in English.

3. Report vulnerabilities through the dedicated communication channel. BECA may receive reports from other channels but does not guarantee that the report will be acknowledged.

4. Adhere to data protection principles at all times and do not violate the privacy and data security of BECA 's users, employees, agents, services or systems during the vulnerability discovery process.

5. Maintain communication and cooperation during the disclosure process and avoid disclosing information about the vulnerability prior to the negotiated disclosure date.

6. BECA is not currently operating a vulnerability bounty program.

 

How BECA Deals with Vulnerabilities

 

BECA will respond to vulnerability reports as soon as possible, usually within five business days.

BECA Security will work with the product team to perform a preliminary analysis and validation of the report to determine the validity, severity and impact of the vulnerability. We may contact you if we need more information about the reported vulnerability.

Once the vulnerability has been identified, we will develop and implement a remediation plan to provide a solution for all affected customers.

Remediation typically takes up to 90 days and in some cases may take longer.

You can keep up to date with our progress and the completion of any remediation activities.

BECA will issue a security advisory when one or more of the following conditions are met:

1. The severity of the vulnerability is rated CRITICAL by the BECA security team and BECA has completed the vulnerability response process and sufficient mitigation solutions are available to assist customers in eliminating all security risks.

2. If the vulnerability has been actively exploited and is likely to increase the security risk to BECA customers, or if the vulnerability is likely to increase public concern about the security of BECA products, BECA will expedite the release of a security bulletin about the vulnerability, which may or may not include a full firmware patch or emergency fix.

Previous: None
Next: None
Previous: None
Next: None

推荐新闻

Wireless thermostat basics explained
Wireless thermostat basics explained
4 key details of a wall-hung thermostat
4 key details of a wall-hung thermostat
Becasmart's third thanksgiving day
Becasmart's third thanksgiving day
Previous page
1
2
10

About Us

Videos

News

Contact us

Tel:+86-592-6151256

Email:info@becasmart.com

Add: Room 502,  5th Floor, No. 7, Lianfa Gold Industrial Park, Tong'an District, Xiamen, China

beca

WeChat public account

© Xiamen Beca Energysaving Technology Co.,Ltd, . 闽ICP备2021005967号-1 Power:300.cn