Our solutions for your control roomView all our solutions

One software solution for all your integration needs;

Our system integrations for your control roomView all our integrations

Our open integration platform can easily connect to other systems.

Everything you need to know about our companyOur Company

Entelec is a software company that develops management tools for physical security systems.

All the sectors that make use of our software solutionView All Our Case Studies

Our case studies cover a variety of vertical markets. See how Sky-Walker can offer solutions for your vertical.
Disclosure

Disclosure

ENTELEC CONTROL SYSTEMS DISCLOSURE

Last updated February 29, 2024


At Entelec Control Systems, safeguarding the integrity of our systems is paramount. While we take great care to ensure the security of our systems, there is always a possibility of vulnerabilities. If you identify any vulnerability or security loophole in our systems, be it physical or digital, please inform us promptly so that we can swiftly implement necessary security measures. We value collaboration in enhancing the security of our systems, protecting our customers, and preserving our ecosystem.



Scope


This policy is relevant to all concerned parties and stakeholders associated with Entelec Control Systems, encompassing any of our services and platforms.



Audience


We seek cooperation from the following audiences within the specified scope, including but not limited to:


  • Website Visitors
  • Visitors to Entelec Control Systems premises
  • Employees and Staff
  • Customers
  • Contractors and Partners
  • Prospects
  • ...



Protocol


What we request you to do


Should you discover a vulnerability, kindly follow these steps:


  • Furnish sufficient information to replicate the problem for a prompt resolution. Typically, details like the IP address or URL of the affected system and a description of the vulnerability are sufficient, but more complex issues may require additional information.
  • Email your findings to info@entelec.be.


What we ask you NOT to do


Upon uncovering a vulnerability, kindly refrain from:


  • Exploiting the issue by downloading excessive data, viewing, deleting, or modifying data from third parties.
  • Sharing the problem with others before its resolution. Additionally, promptly erase any confidential data obtained through the vulnerability after its closure.
  • Engaging in physical security breaches, social engineering, distributed denial of service, spam, or any action that damages our platforms and impacts system performance.


Please be aware


There is a legal protocol to be followed (see legal reference below). Any illegal access to our systems will be prosecuted to the fullest extent if this regulatory protocol is disregarded.


What you can expect from us


  • We will acknowledge your report within 5 working days, providing an initial assessment and an expected resolution date.
  • If you adhere to the conditions and legal requirements outlined by cyberlaw, we will not take legal action against you concerning the report.
  • Your report will be treated confidentially, and we will not share your personal data without your permission unless legally obligated to do so.
  • Upon request, we will keep you informed of the problem-solving progress.
  • In notifying you of the reported issue, we will mention your name as the discoverer if you desire.


Publication of the vulnerability or resolution


Only Entelec Control Systems has the authority to communicate and publish information on discovered vulnerabilities. No publication is allowed without prior agreement and validation by Entelec Control Systems.



Courtesy


This responsible disclosure policy is modeled after the open-source project under the Creative Commons v3 license: https://responsibledisclosure.nl/



Legal reference


Please be aware that reporting any vulnerability is subject to legislation.


As Entelec Control Systems HQ is situated in Belgium, the Belgian law on vulnerability disclosure applies.


In summary (quote from the website of CCB):


  • Limit yourself strictly to the facts necessary to report a vulnerability, avoiding actions beyond what is necessary and proportionate for verification.
  • Act without fraudulent intent or the intention to harm.
  • Inform the organization responsible for the system, process, or control of the vulnerability as soon as possible after its discovery.
  • Report the discovered vulnerability promptly to the CCB (in the absence of a CVDP), in writing and following the procedures described in point D of the CCB policy.
  • Do not publicly disclose information about the discovered vulnerability without the agreement of the national CSIRT (CCB).


More information: https://ccb.belgium.be/en/vulnerability-reporting-ccb



General company info


Website: https://www.entelec.eu/

Contact: https://www.entelec.eu/contact

VAT: BE 0543.803.378 (Belgium)


Entelec Control Systems HQ

Wetenschapspark 25

3590 Diepenbeek

Belgium

Phone: +32 11 30 30 01

Share by: