IBM Product Security Incident Response Program
Customers, industry analysts and other organizations recognize IBM as a leading provider of Information Technology offerings that are of high quality, reliability, function, and integrity. IBM focuses on security, quality assurance and value through all stages of innovation as well as throughout the development lifecycle for components, products and solutions. The company has an ongoing internal initiative for Secure Engineering that works to address the dynamic nature of security, the changing requirements for IBM and its customers, as well as the evolution of Information Technology. This continuous commitment to improve product security remains a constant differentiator for the company. However, we realize that addressing product security does not end with the release of an offering.
The IBM Product Security Incident Response Team (PSIRT) is a global team that manages the receipt, investigation and internal coordination of security vulnerability information related to IBM offerings. The IBM PSIRT is a focal point that security researchers, industry groups, government organizations, and vendors can contact to report potential IBM product security vulnerabilities. This team will coordinate with IBM product and solutions teams to investigate and, if needed, identify the appropriate response plan. Customers of IBM offerings should continue to report all product related issues, including potential security vulnerabilities, to IBM Technical Support. IBM intends to keep the vulnerability reporter informed of progress towards delivery of any necessary remediation.
IBM participates in several industry information sharing forums and organizations, including: