A2D2 Product Security Response Process

When a security issue on an A2D2 product or service is reported, A2D2 immediately starts working with our development teams to resolve the issue. We will work with partners, researchers, customers and other individuals as necessary, to help resolve the vulnerability issues and improve the process. The following is an overview of the product security issue lifecycle, including the disclosure and resolution processes:

Discovery

A2D2 is notified of a suspected vulnerability in an A2D2 product or service. We request our reporters to maintain strict confidentiality until a complete resolution is available and has been published by A2D2, in line with best practice for responsible disclosure.

Investigation

A2D2's product team verifies the suspected vulnerability and will attempt to reproduce the reported issue for a full analysis of the situation. A2D2 may collaborate with the reporting party to obtain as much information as possible to ensure the appropriate remedy.

Mitigation

A2D2's product team develops a schedule for software update releases of the fixes based on the severity of the vulnerability.

Notification

The security update is released at http://support.a2d2.net and by means of in-device notifications. A notification email will also be sent to those impacted by the reported vulnerability. 

We strongly recommend you keep current with software updates on your A2D2 devices.