If you have discovered a vulnerability in a system, network, or application of the KORE Group (which includes the parent entity and all affiliates and subsidiaries), we would like to know about it so we can take appropriate action to remediate the issue as soon as possible. We will outline the rules of engagement below, which both KORE and you must follow.
At KORE we take information security very seriously. We understand no system can ever be fully secure and therefore we always keep in mind that vulnerabilities may exist in our systems. Because we consider the confidentiality and integrity of our customer information a top priority, we would like you to notify us in case a vulnerability has been identified within our systems.
Our Responsible Disclosure Policy consists of a set of rules that both KORE and the person reporting the vulnerability should adhere to. Please note that KORE does not have a so-called “bug bounty program” by which it may provide (high amounts of) financial rewards to the identifier of a vulnerability.
To be able to report an identified vulnerability in any of our systems to us, you should contact security@korewireless.com. To safeguard the confidentiality and integrity of the information we would like you to encrypt the information. Our public key is listed below or can be retrieved from usual PGP key servers. Our key ID is 1BAF317C, 4096 bits RSA, created on 2019-05-03, expires 2024-05-03, with key fingerprint:
Key fingerprint = 7E080B7582A490431019B4B2FF842ABC1BAF317C
The easiest way to retrieve our key:
gpg --recv-keys 1BAF317C
Below is our public key:
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBFzMNn0BEAC4OwqIhJ2DPPexNISn9pnQ9pHkIk90N0aszpQAFtwCqEYGobDR
GebY2NIGbmGGPUs8UEZk/B2/AtXuw4Pc0w2YGTkB9M3whI/0pgV1NHQH7ICI8aRr
xKG9/IYJpbCRqBtOALzP7O1MqODgw7hf2h6caKb6JWuBVE2+ukei2VaIcM3cXzT4
akUGaxJTihaNxyVYr+E43E2oJRTZrD5tlzZ9axo3j8Ri0AnNJYOM51zpHiWHoUo/
ZO7+b84XpVu1kNYgFMkirsxxHWFmxpENUd5ktk0dnyiZxABZFmiVA9mMmPFAI5Rn
oJXi0ToUUieKFJyOx7V1AGthRcQxJDfD7NJCkDiQRQTQIEP0O+hinxJy6JyaSyYi
+2Yrpe4OREkReUODdECA/QuVOlyw0SnLdSfJIrtgiba7yaEelP3zhhCZL8d4vlnf
KxDYoD7XsJo/A+SvSQ/qHaJOeLM6u5sIarYrzqkL1a57+waYzMLESgLpxpFiUe/O
cHRt0sAuT9MGdIf99zjXTifsJUvARlxmvHDlWTze4Fk/hJgyeXZfXPBY1KDgqtFq
UJenhjE2tXEiyLQqQRxBmE4QmWBL9kA/pM+UkaoN8zAnhsnp9yCFCk6e5PYZkIQw
cwCYGgSBdAW3Ecu1Ue6+AjB7th8gZDo4FXHaT9qXTXCBmHNXZcio88gxuwARAQAB
tClLT1JFIFNlY3VyaXR5IDxzZWN1cml0eUBrb3Jld2lyZWxlc3MuY29tPokCVAQT
AQgAPhYhBH4IC3WCpJBDEBm0sv+EKrwbrzF8BQJczDZ9AhsDBQkJaH8jBQsJCAcC
BhUKCQgLAgQWAgMBAh4BAheAAAoJEP+EKrwbrzF8XPcP/0nJsia2ruSqejzNvHOc
F78jx6QVNDLxBQYEis7HZ7O80XByxzvN9yZqUxLwjHvkJC6N3f6wYZcRn89VXRrt
ea3Xqutcv5zH4DmtCMHc9HxT4ylEt+tQMsw+3wrm6LQ21QWeHaTSkiafCE8KE6mh
UrYOGjewLSWt5PtN+kaZhgmxl5Jmg+v0uathDcAW5syZ6HEfD5O4B66OiLmE4FvO
Jq//5lrKEv+COFlnGVIPJCuTus04sryJuOqU7qg5v+G9vbS+PH5cfNUZcPuPjAzY
BMiLqtodfsC3nesaE0k2EmZOpt3aCJzc4eI8BEqbwWT491hgd27KSQgprNYgCtuB
oKX24YpYsYJjkp/PopjEypEE1bqm34pFyP6+FBMQthAZBf8t3zLQAenLboIKQhOL
b/RQQws50bWEXktOmFcK+LOR1ucliswWfv3lYOc1ihe51WywtP8pfirzyVSlkfS9
dQQvxMcX6+tCmk2dmy/tkwbXQOASTZUdCZhel494wCEpEQpdhgD3NmzGaqUvhCWk
MMAG5kcecTqgcxF6LnHWgXP+InOglXzwe6jGe9RJ+GfNKKZ4k0YsdmZtkgS9yKkp
NbBaWsJxe6RCFLr0ljffQFCR/rsIgeUBtTj306hCQP7+mNTStFuJ1eY1tmflMm5R
R2Bxe/mxajiz/v7XosDIryzsuQINBFzMNn0BEACgdHw/6DEoUNu1068UL8+G7g0z
KUNIFN7VsI98R+0kaNr9MeW14YPaT6SiC+Z9KcwFzTDmNVI+bUHrAv+T1kAivOHg
FWKnHJ8dfxKYxPZYiFd6NZtltyYF5o11xUijUI6l+Uj3EkFQBgrUNR4IAWq3IJcX
5HzVBLTMWBP5W5NmenL5MyXIwCapODoajGHC25xlAzC66C6ggX3fosm8oJ71ZIKD
zsgzb0LaPdzHhd7nkgJ/EBKIVeNZSGsN3lff1L9ry0fNkmkOE4/PP6CptcwQN9We
UcG7UOVntbdhASD1f5gU/Oc7VaUvg6Dwxh2mUmvHvd1y0VAPa+yQEDRNv7ZMr4Z2
/Tgh0Ecsv8Pn596keF1BxHesOOCqfk3iFRMkaHpGFh+zAZeBY8emJHRQGfjVXI2g
1sJZYP3FQrKrbItZJXD966dVTzAnk9HPcRJ63e/tc6Dl/rWyAhP8hxB3uDl0BnbC
ZEAauxtlm/ABKK98YHf7deEbgFp3SbI/FgUqUBsoMCLAG1QkYdI8Ns0gSQBtfV1W
GiOQ45X/rnsWnWHRLpSEIzsw/AmTA4FylQxseidFz8vNeLSZ0qlAPMOhieYSrDJn
dJEiKCy8NiUGVIYeCceJPQkj/WTFGs26KvCX0k769nzWuUTScBWACPDvPS3hvFva
YY9313FA/TWAQM2M7wARAQABiQI8BBgBCAAmFiEEfggLdYKkkEMQGbSy/4QqvBuv
MXwFAlzMNn0CGwwFCQlofyMACgkQ/4QqvBuvMXxFzw//ZgbkHsyHza3Bm73Q3hs0
u5sx3Ua1UzNehuW+q7ssIZWyU6Mm4NbDBcgjLnp1Y7tvwwE3VNlQ7diSInhku25f
avC6N0lZHS/0tniZfySp7H01Bke8lbFHKVVNYIRmtNKJyebgZqRoSh8fREJGS7pe
WuCG+mPFwhXauROHR5U1bhLGBO+itBRZBuYU2sPcyE43PWZlJzWHGtKiiQOyb68r
BXuAaZMWHWzf7bKimkIvNYeD5o6oGPHftCC/AJ6dNwaRgrz2H/lJAAZKLtxABzxF
oi8+0yR1T+vDmtxUkMdIeSJzahSayR8Mr5XjKZHvgwH9THVha+gYWVAWXyDxs5+2
HRbd4/hjl7rskrvNPubyuXeD9qwSsTty5z3F2OKjgXIO+G0xajk8Qo70s7UnQfLS
YgvQN15yJDaIWaRASPqwLF+2oMG619hDpoKBZyqdk7NnehdlSjXvLVusfsMKRadz
5bViyBPj7GDqzlJgkCL4E8L1SsCSzYgfeZKyNDG0BRoBBgPGZw5gbLEB4lalzwAr
e7uNtIf3kZwyWY0T7LqyZ/rKAyGVt8SQbDMVf9/tUGyHTCqQJhFAL0dAWy5nijba
kmX/uzLLhlV//Dp6NYfvFGhSeMIrA/Us+t9hEsFt/KeM7q1zAlBt+KBVVLHhuoQ1
6dx15Z8BEr9XTddw65R7HKg=
=/ZV6
-----END PGP PUBLIC KEY BLOCK-----
In case you hack one of our systems and you do not adhere to the rules of engagement as outlined in this procedure, then KORE will always report the incident to the Police.