The Carrier Product Security Incident Response Team (PSIRT) focuses on the identification, assessment, and disposition of the risks associated with security vulnerabilities within Carrier products, offerings, solutions, components and/or services.
Carrier PSIRT is a dedicated team of first responders responsible to deliver advanced support designed to contain and minimize the spread and impact of a product security event, incident, breach, and/or crises.
Carrier encourages reporters, including security researchers, end-users, and vendors, to contact us with any information relating to potential security flaws or vulnerabilities within any of our offerings.
Secure Communication for Vulnerability Reporting
Carrier welcomes responsible disclosure of security vulnerabilities affecting our products and services.
Because vulnerability reports may contain sensitive technical details, we strongly encourage the use of secure communication methods when submitting vulnerability information.
Preferred Secure Reporting Method: Encrypted Content (PGP)
For sensitive vulnerability details, please encrypt your message using OpenPGP (PGP) before sending email. Download full instructions here.
- Encryption: OpenPGP (PGP)
- Public Key: Download Carrier Product Security PGP Public Key
- PGP Fingerprint: 8744 2AB6 27A4 EAB6 A82F 798D 5ED7 A15E 6180 7FB6
Confidence from Discovery to Disclosure
If you believe you have discovered a security issue within any Carrier offering, please complete the form below to help us better understand the nature and scope of your finding:
Receipt of issue/concern notification will be provided within 48 hours.