Product Security Incident Response Team

Vulnerability and Incident Management Processes

The primary mission of the Rittal Product Security Incident Response Team (RPSIRT) is to manage and mitigate security vulnerabilities and incidents impacting Rittal's products, customers, systems and brand. This involves proactively identifying, assessing, and resolving security issues to protect customers and maintain trust. RPSIRT is the liaison between external security researchers and Rittal product teams, and provides the central interface for documenting and fixing security vulnerabilities reported in Rittal products.

Overview of the Rittal PSIRT processes

Rittal delivers products that offer the best quality and reliability. The Rittal Product Security Incident Response Team (PSIRT) supports this by helping to resolve security issues identified in Rittal products by security researchers, partners, or customers.

The Rittal PSIRT process consists of four stages, as shown in the figure below, which are based on the FIRST framework:

The four stages in detail:

Vulnerability discovery is the process of identifying security weaknesses in software, hardware, networks, and applications that could be exploited by attackers. Rittal PSIRT establishes channels for receiving reports of potential vulnerabilities from various sources, including internal developers, external security researchers, official partners, and customers. They can report a potential vulnerability or incident using a web form or by sending an email to: psirt@rittal.com.

For unknown vulnerabilities, Rittal PSIRT collects all necessary information from the reporter and validates it for consistency. Rittal PSIRT cooperates with the relevant Rittal development teams to investigate and reproduce the vulnerability, and performs internal vulnerability handling in collaboration with the responsible development groups. The PSIRT teams of affected customers may be notified of the problem in advance. During this time, regular communication is maintained between Rittal PSIRT and the reporting party.

After the issue is assessed, it is determined whether a fix or mitigation is necessary to address the vulnerability. To the extent possible, the Rittal PSIRT will work with the reporting party to verify and review fixes.
Corresponding fixes will be developed as permanent solutions that address the root cause, which may include applying patches, updating configurations, or enhancing security controls, and will be prepared for distribution.

The Rittal PSIRT, in conjunction with the reporting party, will create a disclosure schedule. If public disclosure of the vulnerability is agreed upon, the Rittal PSIRT will release a Security Advisory on the Rittal website (psirt.rittal.com), coordinated with the reporting party's own publication plans.

A security advisory usually contains the following information:

  • Rittal Security Advisory ID
  • Description of the vulnerability with CVE reference and CVSS score
  • Known affected products and software/hardware versions
  • Information on mitigating factors and workarounds
  • Timeline and location of available fixes or other remedial measures
  • Acknowledgement of the reporting party for the report and collaboration, with their consent