Reporting A Potential Security Vulnerability
NetIQ is committed to providing secure enterprise software to its customers. While we employ secure product development practices in our engineering process, we recognize that not all vulnerabilities may be avoided. We are committed to providing a quick response for potential vulnerabilities reported from the field.
Potential vulnerability reports can be submitted directly to NetIQ via security@netiq.com or through TippingPoint's Zero Day Initiative. When submitting a report please include the product name, version, and general description of the potential vulnerability.
NetIQ’s policy is to respond to all potential vulnerability reports within 5 business days. Once an initial response is provided, NetIQ will continue a dialog with the submitter until the potential issue has been analyzed and resolved.
For vulnerabilities that are found to be legitimate, credit will be given to the submitter when a remedy for the vulnerability is made available to the public.
