Cyber Security Incident Response Management

Elektror airsystems GmbH takes the security of its IT systems and products very seriously.
We encourage security researchers, customers, partners, suppliers and internal staff to report potential security vulnerabilities in a responsible manner.

This section serves as the central point of contact for security reports.

Reporting security vulnerabilities

If you believe you have identified a potential security vulnerability affecting Elektror Airsystems GmbH, please contact us at:

E Mail: security@elektror.com

For confidential content, we recommend using PGP-encrypted communication.

Please provide the following information, where possible:

• Your name
  (anonymous reports are permitted and will be respected)
• A contact method for follow-up enquiries
• A clear description of the vulnerability
  (including technical details and potential impacts)
• Information on the affected systems, applications or components

Testing and verification

Once we have received your report, we will acknowledge receipt and review the information provided.
Where necessary, relevant internal departments will be consulted for assessment.

Assessment

Where vulnerabilities are confirmed, we carry out a structured analysis to assess the causes, risks and potential impacts.

Remediation and risk mitigation

Based on the analysis, appropriate measures are implemented to address the vulnerability or mitigate potential risks.

Responsible disclosure

Elektror airsystems GmbH adheres to the principle of responsible disclosure.
Where necessary, public disclosure will only take place once appropriate protective and countermeasures have been implemented.

🔐  PGP encryption

To ensure the secure transmission of security notifications, we provide a PGP public key:

E Mail:
security@elektror.com

PGP fingerprint:
6AF6 C520 FD77 30EF BECE 5690 D45C 4A69 AA75 FC5B

Public key:
Download PGP Public Key 

OpenPGP-compatible software (e.g. GnuPG) can be used for encryption.