Skip to content

Responsible Disclosure Policy

As a leading solution provider of a cybersecurity platform for SAP customers, the protection of our customers and partners is our highest goal. We use modern tools and processes to test our solutions for defects in the best possible way. Defined quality gates have been established to ensure that program errors that could lead to a vulnerability are detected early in the development process. Likewise, we undergo a separate testing protocol for each package that leaves our premises, which also highlights security aspects.

Updated and Effective: Feb 9th, 2021

Data security is a top priority for NCMI GmbH // SecurityBridge, and we believe that working with skilled security researchers can identify weaknesses in any technology.

If you believe you’ve found a security vulnerability in Issuer Direct’s service, please notify us; we will work with you to resolve the issue promptly.

Disclosure Policy:

  • If you believe you’ve discovered a potential vulnerability, please let us know by emailing us at support@securitybridge.com. We will acknowledge your email within 4 hours.
  • Provide us with a reasonable amount of time to resolve the issue before disclosing it to the public or a third party. We aim to resolve critical issues within 24 hours of disclosure.
  • Make a good faith effort to avoid violating the privacy, destroying data, or interrupting or degrading the Issuer Direct service. Please only interact with accounts you own or for which you have explicit permission from the account holder.

Research Policy:

While researching, we’d like you to refrain from:

  • Distributed Denial of Service (DDoS)
  • Spamming
  • Social engineering or phishing of Issuer Direct employees or contractors
  • Any attacks against SecurityBridge’s physical property or data centers.

Thank you for helping to keep SecurityBridge Direct and our Customers safe!

Latest Resources

Mastering NIST & CISA Compliance for SAP

Join us for an enlightening webinar where we simplify these regulatory frameworks, map CISA guidelines to SAP instances, and showcase how the SecurityBridge platform can assist you in achieving your SAP compliance needs.

Top 10 Vulnerabilities in SAP

As we know, SAP (Systems, Applications, and Products in Data Processing) is a widely used enterprise resource planning (ERP) software suite that helps organizations manage various business operations. No digital system is secure by nature or by default - there will always be security challenges, and SAP is no exception. In this article, we discuss the Top 10 vulnerabilities in SAP – how they affect the security of an SAP system, and finally, how to identify and manage them with SecurityBridge.

SAP Security Patch Day – September 2023

Today, September 12th, 2023 brings the release of SAP Security Patches for the extensive enterprise application portfolio developed by the Walldorf giant. SAP released 13 new Security Notes and provided 5 updates to previously released Security Notes.

Working Together for Greater SAP Security: SecurityBridge and Protect4S are Joining Forces

SecurityBridge, a leading provider of cybersecurity solutions for SAP customers, acquired Dutch SAP security specialist Protect4S. Through the acquisition, customers will benefit from an even more comprehensive one-stop-shop software platform that will improve every SAP customer’s security position across all technology stacks.

SecurityBridge and PwC Germany announce partnership to protect SAP systems

SecurityBridge and PwC Germany announce partnership to protect SAP systems.

SecurityBridge zeigt neueste Entwicklungen bei der SAP-Sicherheit auf dem DSAG Jahreskongress 2023

SecurityBridge zeigt neueste Entwicklungen bei der SAP-Sicherheit auf dem DSAG Jahreskongress 2023 In Bremen erfahren Interessierte vom 19. - 21.9.2023, wie sie ihre SAP-Umgebungen mit der Security Plattform von SecurityBridge sicher und zuverlässig schützen.