Blancco is committed to security in its products and takes all reported matters very seriously. Any vulnerability identified will be investigated thoroughly and, if affecting the key security elements of the product, escalated to the highest priority within the appropriate team.
The following contents describe Blancco’s official process for handling and remediating prospective vulnerabilities found in our products.
Communication of Information
Identified issues should be reported by filling an Incident request on Blancco’s technical support site:
More information about the Incident creation process can be found from the Technical Support Portal - Quick-start Guide.
Alternatively, an email can be sent to firstname.lastname@example.org; this will result in an automatically generated ticket.
In order to deal with the reported issue more effectively, please provide as much supporting information as possible, such as an Issue Report (Blancco Driver Eraser and Blancco Mobile Device Eraser), detailed information about the environment used or steps to recreate the issue.
When you have submitted a ticket, it will be assigned a tracking ID and a response will be given with details of the steps that will be followed in order to resolve the issue. If it is not possible to resolve, validate or recreate the issue, you will be issued with this information directly.
Disclosure of Vulnerability
For the protection of other users of Blancco software, it is strongly requested that you do not publically issue any information about the identified vulnerability. Blancco will coordinate a public response with you if necessary. Blancco also respectfully asks that you provide us with sufficient time to investigate and resolve the issue.