report vulnerability

coordinated vulnerability disclosure

At Aalberts Advanced Mechatronics, we place great importance on the security of our infrastructure. Despite
all the precautions we take, vulnerabilities may still be discovered. If you identify a weakness in one of our
systems, we would greatly appreciate it if you could notify us as soon as possible, allowing us to take
immediate action to resolve the issue.

We are happy to work with you to better protect our data and ensure business continuity.

What we ask of you:

  • Report your findings to vulnerability@aalberts-am.com and encrypt any sensitive information using our PGP key. You can find the PGP key at: https://aalberts-am.com/pgp-key.txt. 
  • Do not abuse the vulnerability, for example, by viewing, downloading, modifying, or deleting more data than is necessary to demonstrate the problem.
  • Do not disclose the vulnerability to others until it has been resolved. Once the issue is fixed, please delete all confidential data obtained through the vulnerability.
  • Do not use attacks such as social engineering, physical security attacks, distributed denial of service (DDoS), spam, or third-party tools.
  • Provide sufficient information to reproduce the problem, such as the URL or IP address of the affected system and a detailed description of the vulnerability. For more complex issues, additional information may be required.

Our commitments:

  • Response within 3 business days, with an acknowledgment of the report and an estimated resolution time.
  • No legal action will be taken, provided that you adhere to the conditions outlined above.
  • Confidential handling of your report, your personal information will not be shared without your permission, unless we are legally obligated to do so.
  • Transparency regarding the progress of the investigation and resolution of the vulnerability.
  • Recognition of your contribution as the discoverer in our communications about the issue (if desired).
  • A reward will be offered for each report of a security issue previously unknown to us. The reward will depend on the severity of the vulnerability and the quality of the report.

We strive to resolve any vulnerability as quickly as possible and look forward to hearing from you when you find a vulnerability. We would also like to be involved in any publications about the issue once it is resolved.

Thank you in advance for your help and cooperation.

Security Team
Aalberts Advanced Mechatronics

vulnerability@aalberts-am.com

contact

Interested in advanced mechatronics!

We are here to help. Get advice on how we can develop solutions to your challenges or learn more about our range of propositions.