Forum Discussion

u21h2's avatar
u21h2
Icon for Nimbostratus rankNimbostratus
Sep 26, 2021

Email of security team?

Hello, I want to ask about the contact email number of your company's security team. I have some security issues about WAF that I want to report to your security team. I think it’s better to discu...
F5 Rules for AWS WAF
security
Daniel_Wolf's avatar
Daniel_Wolf
Icon for MVP rankMVP
Sep 26, 2021

From K4602: Overview of the F5 security vulnerability response policy

 

Reporting suspected vulnerabilities

F5 welcomes any reports of suspected vulnerabilities or other security concerns with F5 products.

If you are an F5 customer with an active support contract, please contact F5 Support.

 

If you are not an F5 customer, please send an email to f5sirt@f5.com. An engineer will contact you and will work with you to gather the necessary details to determine an appropriate course of action.

 

To send an encrypted message to F5, use this F5 Security Incident Response Team (SIRT) public PGP key, which is also available on multiple public key servers.

 

In cases where responsible disclosure is followed, and at the reporter's request, F5 provides attribution to reporters within a public AskF5 article.