Frequently Asked Questions
How fast will you address security vulnerabilities?
We aim to address security issues and communicate them to our stakeholders within 90 days (e.g. through security bulletins). While we strive to meet this deadline every time, the complexity and the large number of products and product lines that we support may prevent us from doing so. We will do our best to keep you updated throughout this process when appropriate.
Will I have to sign some kind of Non-Disclosure Agreement?
Can I submit vulnerability information anonymously?
We respect privacy, if you wish to stay anonymous, we will not have further records of your name or identity in any further communication regarding the matter.
Code Aurora Forum Resources