Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-3271: Centrify Product Support Policies - Vulnerability Disclosure Policy

Centrify DirectAudit ,   Centrify DirectControl ,   Centrify Identity Service, Mac Edition ,  

12 April,16 at 11:41 AM

All vulnerabilities in Centrify products will be disclosed to customers who have opted in to Centrify support announcements in a vulnerability notice no later than two (2) business days after the initial report to Centrify, regardless of the existence or availability of a patch or workaround.

Centrify monitors CERT Advisories and assesses the impact of such advisories on third party and open source code incorporated into Centrify products. Where an advisory relates to source code incorporated into a Centrify product, within five (5) business days of receipt of such advisory, Centrify will create a vulnerability notice, post it on its support portal and notify all customers who have opted in for email updates from Centrify.

Centrify will make commercially reasonable efforts to resolve the issue or provide a workaround in the shortest time possible.

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.