Building a secure, connected future
SMARTNEXUS SECURITY CENTER
At SmartNexus, we are committed to safeguarding your data and IoT assets. We continually monitor and improve our technology, infrastructure and processes so that you have the highest resistance to intrusion and disaster.
The security of our systems is a top priority. However, no matter the effort put into system security, vulnerabilities can still surface. SmartNexus asks for your help to better protect our clients and our systems.
Should you discover a vulnerability:
- Write up the problem. Please provide enough information to reproduce the problem so we will be able to resolve it as quickly as possible. Usually, the IP address or the URL of the affected system and a description of the vulnerability will be enough, but complex vulnerabilities may require further explanation.
- Encrypt your message using our PGP key to prevent this critical information from falling into the wrong hands.
- E-mail your findings to SmartNexusSecurity@Flex.com.
- Do not take advantage of the vulnerability problem you have discovered.
- Do not reveal the problem to others until it has been resolved.
- Social engineering and denial of service attacks are not permitted or a part of the platform’s acceptable use.
SmartNexus strives to resolve all problems as quickly as possible and we would like to play an active role in the ultimate publication of the problem after it is resolved.
SmartNexus will respond to your report within 3 business days with our evaluation of the report and an expected resolution date.
SmartNexus will handle your report with strict confidentiality, and not pass on your personal details to third parties without your permission.
SmartNexus will keep you informed of the progress toward resolving the problem.
SmartNexus will recognize researchers and their discoveries with a mention on the SmartNexus Security web page unless they would like to remain anonymous.
Thanks for the lookout
As a token of our gratitude for your assistance, we offer a reward for every report of a security problem that was not yet known to us. The amount of the reward will be determined based on the severity of the leak and the quality of the report.