As a global technology leader, Barco is committed to delivering secure solutions, products and services.
We are constantly working on improving our security processes, therefore, we encourage security researchers to responsibly report security vulnerabilities and security incidents.
If you discover a vulnerability, we would like to know about it so we can take steps to address it as quickly as possible. We would like to ask you to help us better protect our products and our systems.
We encourage all researchers to follow the following guidelines (responsible disclosure).
- In case you experience issues using the support portal, please mail your issues with the support portal and your security findings to psirt@barco.com (less preferred method, will be deprecated in the future).
- Do not download more data than necessary to demonstrate the vulnerability or deleting or modifying other people's data, (e.g. if a vulnerability provides unintended access to data: Limit the amount of data you access to the minimum required for effectively demonstrating a Proof of Concept; and cease testing and submit a report immediately if you encounter any user data during testing, such as Personally Identifiable Information (PII), Personal Healthcare Information (PHI), personal data, credit card data, or proprietary information)
- Avoid violating the privacy of others, disrupting our systems, destroying data and/or harming user experience
22 March 2019 v1.0 - based upon https://www.responsibledisclosure.nl/en/ (Creative Commons Attribution 3.0 Unported license) and https://disclose.io/ (Creative Commons Attribution 4.0 International License)
05 April 2019 v1.1 - Clarification about possible bounties
27 May 2019 v1.2 - Request for one finding per mail - clarification about 'business days'
8 July 2021 v1.3 - Guide Barco customers to log a support ticket instead of using psirt@barco.com
5 October 2023 v1.4 – Migration towards Support Portal and updated/removed policy statements