Cyber security
La Corporation Strøm Inc. is committed to maintaining a high level of security for its products and infrastructures. However, due to the rapid evolution and complexity of security, vulnerabilities may appear unintentionally. We encourage anyone who detects a vulnerability to report it to us as soon as possible via our web page dedicated to reporting vulnerabilities.
If you identify a vulnerability, please submit a detailed report to the following address: [email protected]. Your report must include the following:
• Detailed description: A clear description of the vulnerability, including the code or steps required to replicate the problem.
• Proof: Screenshots or video recordings showing the vulnerability.
• Potential impact: A justification of the possible impact of exploiting the flaw, and the impact on our organization or our customers.
• Suggested fix: If possible, a proposed solution to address the vulnerability.
Once you have reported the issue, our security team will follow these steps:
• Confirmation: Replicate and confirm the vulnerability as described in your report.
• Assessment: Determine a severity score based on the CVSS 4.0 standard.
• Action plan: Consider the recommendations included in the report and create an action plan with the teams concerned.
• Communication: Communicate with the person who made the report until the problem has been resolved.
Please keep the report and its contents confidential until the patches are released for production. Please also note that abusive, illegal, malicious or inappropriate exploitation of a reported vulnerability may expose you to civil or criminal liability. An action is considered abusive or inappropriate when it compromises confidential internal or customer information in an excessive or disproportionate manner, or when it is carried out for a purpose other than the demonstration of a vulnerability.
We appreciate your cooperation in maintaining the security of our products and infrastructure. Thank you for contributing to our commitment to security.