Newsletter
Exclusive expert tips, customer stories and more.
Privacy, cybersecurity and transparency
At Dallmeier, topics such as privacy, cybersecurity and transparency have the highest priority.
That is why we enable our customers and partners, our employees and other “interested parties” to find all relevant information quickly and in a structured manner or to contact us directly. In doing so, we go far beyond what is legally required.
Reporting
Do you want to report a security incident?
Then your first point of contact for all incidents is the central reporting office, the “Security Incident Response Centre (SIRC)”.
Please send your report via email to si@dallmeier.com
The Dallmeier SIRC is the central reporting point for all incidents regarding potential vulnerabilities, threats or other security events. In case of product-related incidents, the SIRC also acts as the Product Incident Response Team (PSIRT).
The SIRC is authorised to respond to all cybersecurity reports concerning products, solutions, services and services and to provide information and has the following tasks:
- Control all investigations
- Communication with the incident notifier
- Involving internal departments such as the Product Security Incident Response Team (PSIRT) or the Data Protection Officer
- Disclosure of security incidents and, if necessary, the associated reporting obligations to external bodies (e.g. BSI, data protection)
A security notice is published for confirmed vulnerabilities as soon as a solution is available. If the situation requires it, a security advisory with measures to be taken will be issued before an update is available.
A collection of Dallmeier Security Advisories can be found here.
How is the report submitted?
The Dallmeier SIRC processes every incident report together with the respective reporters in a trustworthy and professional manner. Neither a non-disclosure agreement (NDA) nor any other contract is necessary or a prerequisite for cooperation.
Please include as much information as possible in one single report to speed up processing.
Send an email to our Security Incident Response Centre (ticket system) at si@dallmeier.com with the following information:
- Who reports (contact details)?
- Which IT system or product line is affected?
- Version number?
- How did you work with the system?
- What did you observe?
- Type of vulnerability?
- When did the event occur?
- Where is the affected IT system located?
Who can report an event?
Reports on potential vulnerabilities, threats or other events are expressly welcome from everyone – regardless of customer status.
Many Dallmeier products fulfill important protective functions and are used in Critical Infrastructures. Dallmeier therefore asks for cooperation in the context of a coordinated disclosure of vulnerabilities and at the same time asks to refrain from premature publication of vulnerability information.
Dallmeier respects and takes into account the various interests of a reporter and encourages the reporting of information to the Dallmeier SIRC. We follow the process of a Coordinated Vulnerability Disclosure.
Additional resources
Would you like specific information on data protection, are you a whistleblower or are you looking for Security Advisories?
Then the following resources will help you:
Security Advisories
Further information
Brochure
Video + Data Security
Video Extra
Cybersecurity
Best Practice Guide
Cybersecurity
