{"id":47956,"date":"2022-12-13T16:16:11","date_gmt":"2022-12-13T16:16:11","guid":{"rendered":"https:\/\/myenergi.com\/?page_id=47956"},"modified":"2022-12-13T16:16:11","modified_gmt":"2022-12-13T16:16:11","slug":"vulnerability-disclosure-policy","status":"publish","type":"page","link":"https:\/\/www.myenergi.com\/nz\/vulnerability-disclosure-policy\/","title":{"rendered":"Vulnerability Disclosure Policy"},"content":{"rendered":"\n\n<div id='block-header-basic-block_e11107d9db87518ebb4aafbdd5d1fcb5'  class='flexi-block header-basic-block pt-8 lg:pt-16 pb-8 lg:pb-16 relative '>\n\n\n    <div class=\"relative \">\n\t\n\t<div class=\"container flex flex-col mx-auto    justify-end py-11 md:py-9 lg:py-11 \">\n\t\t<div class=\"first-mt-0 \">\n                            <h1 class=\"h2 lg:h3 !mb-0\">\n                    Vulnerability Disclosure Policy                <\/h1>\n                    <\/div>\n\n\t\t\t<\/div>\n    <\/div>\n<\/div>\n\n\n\n<div id='block-simple-content-block_baaa4a51951726f1f66d097de20e334f'  class='flexi-block simple-content-block pt-0 pb-8 lg:pb-16 '>\n\n    <div class=\"container mx-auto wide-container\">\n\n        <div class=\"content-inner bg-white rounded-2.5xl \">\n\n            <div class=\"mx-auto first-mt-0 last-mb-0 max-w-[90%] xl:max-w-[990px]  \">\n\n                <div class=\"page\" title=\"Page 1\">\n<div class=\"layoutArea\">\n<div class=\"column\">\n<h3>Background<\/h3>\n<p>At myenergi we care about ensuring our products are safe and secure whilst they operate in your home. Your myenergi products include security features that protect your device against evolving cyber threats.<\/p>\n<p>New cyber threats are discovered across the world every day, so it is important you keep your myenergi device up to date with the latest firmware to ensure you benefit from the latest quality and security updates. For most devices, you can check the firmware of your myenergi device and update it in the myenergi app.<\/p>\n<p>The myenergi system is designed to be reliable, secure and to keep your data confidential. This ensures your product performs in a reliable and safe way, to protect you, your home, and the energy grid from damage.<\/p>\n<h3><\/h3>\n<h3>Vulnerability Disclosure Policy<\/h3>\n<p>myenergi recognises the role that the security community and our customers play in keeping our products and all our customers safe. We welcome reports from customers or security researchers, if a suspected security vulnerability is discovered in our products, software, or servers.<\/p>\n<p>We value the time and the effort involved in reporting vulnerabilities to us, however we do not offer monetary rewards (sometimes referred to as \u2018bug bounties\u2019) for discovered vulnerabilities.<\/p>\n<p>For the safety and security of our products and customers, myenergi does not disclose information relating to security vulnerabilities until a suitable fix has been implemented.<\/p>\n<p>\u00a0<\/p>\n<p>You can report a vulnerability to us using the below link\u00a0If you discover a suspected vulnerability:<\/p>\n<\/div>\n<\/div>\n<div class=\"layoutArea\">\n<div class=\"column\">\n<div class=\"page\" title=\"Page 1\">\n<div class=\"layoutArea\">\n<div class=\"column\">\n<p>When making your report to us please let us know the following information:<\/p>\n<ul>\n<li style=\"list-style-type: none\">\n<ul>\n<li>The IP address and port the vulnerability was found. (If applicable)<\/li>\n<li>The nature of vulnerability (for example Arbitrary File Upload)<\/li>\n<li>The product(s) affected (if applicable)<\/li>\n<li>The firmware version(s) or App Version(s) you suspect to be vulnerable (If applicable)<\/li>\n<li>The steps you took to discover the vulnerability.<\/li>\n<li>If a CVE is known for this vulnerability, please provide the CVE. (See CommonVulnerabilities and Exposures. <a href=\"https:\/\/cve.mitre.org\/\" target=\"_blank\" rel=\"noopener\">CVE &#8211; CVE (mitre.org)<\/a>\n<div class=\"column\"><\/div>\n<p><a href=\"https:\/\/myenergi.com\/submit-a-vulnerability-report\/\" target=\"_self\" class=\"mt-3 mr-2 btn  !bg-green !border-green !text-greydark \" rel=\"noopener\">Report a Vulnerability <\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>\u00a0<\/p>\n<p><strong>Our commitment to you:<\/strong><\/p>\n<ul>\n<li>We\u2019re grateful for the support from the security research community. We will not take legal action against you for disclosing a vulnerability with us<\/li>\n<li>We\u2019ll investigate your report and take action in a reasonable timeframe<\/li>\n<li>We\u2019ll acknowledge your efforts and support (if desired) in our software release notes<\/li>\n<\/ul>\n<h3>\nActing within the law<\/h3>\n<p>Please ensure you act in a lawful manner when interacting with our products, websites, or servers. The following is prohibited. This is not an exhaustive list, and you should always consider the current legislation:<\/p>\n<ul>\n<li>Any activity outside of the law.<\/li>\n<li>The use of aggressive or invasive automated scanning tools, such as port scanners or vulnerability scanners.<\/li>\n<li>Creating server demand which could result in a Denial of Service.<\/li>\n<li>Social engineering our customers, staff, or suppliers.<\/li>\n<li>Breaching data protection legislation by exposing or accessing the data of customers, staff, or suppliers.<\/li>\n<li>Uploading malicious payloads to our products or services.<\/li>\n<\/ul>\n<div class=\"layoutArea\">\n<div class=\"column\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n\n            <\/div>\n        <\/div>\n    <\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-47956","page","type-page","status-publish","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.myenergi.com\/nz\/wp-json\/wp\/v2\/pages\/47956","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.myenergi.com\/nz\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.myenergi.com\/nz\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.myenergi.com\/nz\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.myenergi.com\/nz\/wp-json\/wp\/v2\/comments?post=47956"}],"version-history":[{"count":0,"href":"https:\/\/www.myenergi.com\/nz\/wp-json\/wp\/v2\/pages\/47956\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.myenergi.com\/nz\/wp-json\/wp\/v2\/media?parent=47956"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}