PSIRT

This message will disappear after all relevant tasks have been resolved.

Semantic MediaWiki

There are 1 incomplete or pending task to finish installation of Semantic MediaWiki. An administrator or user with sufficient rights can complete it. This should be done before adding new data to avoid inconsistencies.

1. PSIRT - Product Security Incident Response Team

ST's Product Security Incident Response Team (ST PSIRT) supervises the process of accepting and responding to reports of potential security vulnerabilities involving ST hardware and software products.

ST places a high priority on security, and ST PSIRT is committed to rapidly addressing potential security vulnerabilities affecting its products. ST, thanks to its long history and vast experience in security, is able to perform clear analyses and provide appropriate guidance on mitigation and solutions, when applicable.

If you detect a potential security vulnerability regarding our products, we encourage you to report it to ST PSIRT by following the steps described on the PSIRT webpage^[1]. This is

Your entry point for security vulnerability exchanges
A repository page including security related documents
- Security advisories
- Security notices (some product-based notices are also published on product pages)

The PSIRT webpage^[1]

Addresses most of STM32 deliverables
- Device or ICs
- Software
- Tools
- Ecosystem
Supports ethical security responsibilities
- Open to anybody respecting our chart
  - With confidentiality
  - Includes embargo management
Follows the flaw reporting procedure in compliance with the security standards ISO/IEC-29147 (Vulnerability Disclosure) and ISO/IEC-30111 (Vulnerability Handling Processes)
Is mandatory to pass security certifications, such as ARM PSA / ISO21434 and Global Platform SESIP
Is part of SESIP3 certification target document
- Flaw remediation process

PSIRT is an ST corporate approach.

2. References

↑ ^1.0 ^1.1 PSIRT

[:0-1] 1.0 ^1.1 PSIRT

[1]