Global Sales Contact List

Contact   A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

EMC Product Security

Building Trust with EMC Product Security Programs

Product Security Response Center

EMC follows industry best practices in managing and responding to security vulnerabilities in our products to minimize customers’ risk of exposure.

Minimizing Customer Risk

EMC takes every step possible to minimize customer risk associated with security vulnerabilities in EMC products. All vulnerability claims are investigated and validated according to industry guidelines before EMC creates, qualifies, and delivers the appropriate remedy to customers.

Reporting Vulnerabilities

If you identify a security vulnerability in an EMC product, please report the problem immediately. Timely identification of security vulnerabilities is critical to eliminating potential threats.

Customers, partners, and other entitled users of an EMC product should contact EMC Technical Support to report security issues discovered in EMC products. The EMC Technical Support team in collaboration with the appropriate product team and the EMC Product Security Response Team will work together on addressing the issue.

Security researchers, industry groups, vendors, and other users that do not have access to EMC Technical Support can send vulnerability reports via e-mail to Please encrypt your message using the EMC’s PGP key, which you can right-click to download or view from this link EMC PSRC PGP Key.

Security Response

After investigating and validating a reported vulnerability, EMC creates and qualifies the appropriate remedy. Once packaged, EMC communicates the remedy to customers through EMC security advisories. Customers can subscribe to EMC security advisories via EMC Online Support at

Customer Rights: Warranties, Support, and Maintenance

EMC customers’ rights with respect to warranties and support and maintenance—including vulnerabilities in any EMC software product—are governed by the applicable agreement between EMC and each customer.

The statements on this web page don’t modify or enlarge any customer rights or create any additional warranties. Any information provided to EMC regarding vulnerabilities in EMC products—including all information in a product vulnerability report—shall become the sole information of EMC.


Support Information

EMC Security Advisories (requires EMC Online Support credentials)


Blog: Product Security: EMC's Approach to Vulnerability Response

To Report an EMC Product Vulnerability

National Infrastructure Advisory Council: Vulnerability Disclosure Framework: Final Report and Recommendations by the Council

Organization for Internet Safety: Security Vulnerability Reporting and Response Guidelines Version 2.0