Introduction
At JPEmbedded, we are committed to maintaining the highest standards of cybersecurity. We have implemented preventive procedures to manage and respond to vulnerabilities and security-related reports affecting our products. Our processes follow the principles and requirements outlined in the IEC 62443 series of standards for industrial cybersecurity.

Contacting Our Security Team
If you discover a security vulnerability or any other security-related issue in one of our products, please send an email to our security team at:
security@jpembedded.eu

Option for Anonymous Disclosure
If you prefer to report a vulnerability anonymously, you may consider contacting a trusted third-party vulnerability coordination service, such as ICS-CERT, or a relevant European/national cybersecurity CERT/CSIRT. Please note that in such cases the coordination organisation may or may not contact us – but you are free to report via those channels.

What to Include in Your Report
To help us analyse the issue effectively, please include as much as possible of the following information:

• Product name and version (or other identifier)
• Description of the vulnerability or security issue
• Steps to reproduce (if applicable)
• Potential impact: what an attacker could do, what data could be exposed or compromised
• Your contact method (unless you wish to stay anonymous)

We will acknowledge receipt within a few business days and – if more information is needed – follow up with you.

Thank you for helping us improve the security of JPEmbedded products.