The Weidmüller PSIRT (Product Security Incident Response Team) is your trustworthy partner when it comes to the security of our products. We specialise in identifying, analysing and resolving security incidents quickly and efficiently. Our aim is to ensure the integrity and security of our products and to strengthen the trust of our customers. Through proactive measures and close co-operation with all parties involved, we ensure that our products always meet the highest security standards.
Certified according to IEC 62443-4-1
We continuously monitor the security of our products. In addition to receiving vulnerability reports through our mailbox, we strategically integrate various vulnerability information systems.
Vulnerabilities are analyzed through various iterations in our process. For assessment, we use our Vulnerability Rating System, which determines the severity of a vulnerability.
Each vulnerability receives an individual remediation plan to provide our customers with a solution as quickly as possible. We disclose Security Advisories in accordance with established standards.
Vulnerability management requires the coordination of numerous professional and technical disciplines. To successfully integrate all aspects, we rely on intelligent mass data processing that supports the various subprocesses in a tailored manner.
Through a high degree of technical automation, we make our processes significantly more efficient. This enables us to respond quickly and precisely to new threats and provide our customers with optimal protection.
The Vulnerability Rating System provides a multidimensional view of a vulnerability and is the heart of our vulnerability management process. It takes into account the effects of a vulnerability on a specific Weidmüller product in a generic approach and thus assesses the probability of a threat to our customers.
The assessment takes place in several iterative steps, incorporating both external and internal information.
We rely on continuous measurement of process throughput times to ensure ongoing optimization. Full transparency down to the development department allows us to trace every step and ensure the highest quality. Our central control center monitors all subprocesses and ensures efficient coordination.
Continuous improvement is not just a principle for us but a practiced reality. Based on recorded process data, we continuously optimize our procedures.
We set ourselves high standards for the time it takes to address a vulnerability, which also go beyond market standards. This time is measured end-to-end, from the initial confidential information about the vulnerability to the publication of a remediation. We prefer the coordinated vulnerability disclosure approach to inform affected parties specifically and in advance if necessary.
Published security advisories can be found at the Security Advisory Board, or at CERT@VDE.
We are a cooperation partner of CERT@VDE.
As a neutral, non-profit platform, CERT@VDE supports its partners in matters of cyber security in products of the automation industry, in order to enable fast, structured and professional handling of security vulnerabilities.