Security strategy
Public feedback interface
Security researchers can notify iEAST of security vulnerabilities in devices.
iEAST official website: https://ieast.audio
Contact of iEAST support department support@ieast.net
When any vulnerability is identified, update the firmware as follows:
- Vulnerabilities identified by customers, users, etc.
- A security related review meeting must be held immediately and the corresponding solution needs to be presented. In particular, participants must include security technology manager, project development manager, firmware architecture manager, and Technical Director. CVSSv2 will be used as a reference standard for assessing and prioritizing vulnerability.
- According to the solution, the developer performs the specific implementation.
- Code review. Reviewers should include security technology manager and project development.
- Release firmware.
- QA team test the firmware. If there are any problems, go back to step three.
- Code merged into trunk branch.
- The project manager notify customers that they need to update the software and get customer’s upgrade confirmation.
- Perform OTA on the corresponding project.