Introduction
SOSEN Brands Corporation, including its affiliates, is committed to the security of our products and the privacy of our valued customers. We continuously strive to improve our safeguards for security and personal information in accordance with all applicable laws and regulations. This policy outlines the procedures for reporting security vulnerabilities to SOSEN Brands, describes how vulnerability reports will be handled once we receive them, and what you can expect once we receive your report. We welcome reports from our customers and security researchers regarding potential product-related security or privacy issues and vulnerabilities.
Handling Vulnerability Reports
SOSEN Brands appreciates all contributions to our security initiatives and encourages the responsible disclosure of potential product-related security or privacy issues. Our goal is to ensure remedies and/or mitigating strategies designed to address these security or privacy issues are timely implemented.
However, we kindly request that you bear in mind the following when investigating or reporting any issues:
• Do not attempt to access or modify any SOSEN Brands systems, products, or software without authorization;
• Do not modify, destroy, or misuse any data you discover ;
• We request that you please keep all non-public information relating to the reported issues confidential until we have remedied and addressed the issues. We make this request to protect the integrity of the investigation process, safeguard sensitive company information, ensure the privacy and protection of all individuals involved, and prevent false or misleading information from being disseminated. However, this does not impact your right to report issues via any legally protected channels or mechanisms.
External Communications
SOSEN Brands publishes security advisories, notices, and information articles to communicate security vulnerabilities that affect our products.
Security advisories are released to provide guidance or instructions on how customers can protect themselves, mitigate, and/or remediate vulnerabilities once SOSEN Brands has analyzed and identified solutions.
Security advisories are intended to provide sufficient detail to assess the impact of vulnerabilities and to remedy potentially affected products.
How to Report a Security Vulnerability
Timely identification and reporting of security vulnerabilities is critical to mitigating potential risks to our customers. If you identify a new security vulnerability in an SOSEN Brands product, we ask you to report it through the channels listed in this section as soon as possible. All information you report to us is deemed confidential and will be handled with care. Further, any personal data you share with us will be handled consistent with the applicable Privacy Notice.
• For a Hybrid inverter product - Please email security@sosen.com.
When reporting a potential vulnerability, we ask that you include as much information as possible to help us better understand the nature and scope of the concern,
such as:
• Product name and version containing the suspected weakness / vulnerability.
• Environment where the vulnerability can be found (for example: product model number, operating system version, and other related information).
• Step-by-step instructions to reproduce the vulnerability.
• Proof-of-concept or exploit code.
• Potential impact of the vulnerability.
Once you report a vulnerability, you will receive an email acknowledging receipt of your report within seven business days.
If we are able to reproduce the vulnerability, we will evaluate the severity and impact, and assign it to our product engineers for further action. This process can take some time based on the complexity of the issue and the details provided. If you provide your email address, you will receive periodic updates on the status of your report.
For products that are capable of being updated and are within their defined support period, we will provide a suitable solution to all affected customers once we have resolved the reported issue(s).
Please note that SOSEN Brands does not currently offer compensation or bounty payments for reported or substantiated vulnerabilities.
Limitations
SOSEN Brands Corporation, including its affiliates, is committed to the security of our products and the privacy of our valued customers. We continuously strive to improve our safeguards for security and personal information in accordance with all applicable laws and regulations. This policy outlines the procedures for reporting security vulnerabilities to SOSEN Brands, describes how vulnerability reports will be handled once we receive them, and what you can expect once we receive your report. We welcome reports from our customers and security researchers regarding potential product-related security or privacy issues and vulnerabilities.
Customer Entitlements: Warranties, Support, and Maintenance
SOSEN Brands customers’ entitlements regarding warranties, support, and maintenance are governed solely by the applicable agreement between SOSEN Brands and the individual customer. The statements on this web page do not modify, enlarge, or otherwise amend any customer rights or create any additional warranties.
Disclaimer
All aspects of this Product Security Vulnerability Disclosure Policy are subject to change without notice. Response is not guaranteed for any specific issue or class of issues.
Your use of the information on this page or materials linked on this page is at your own risk.
https://www.soseninverter.com
