Read the SolarEdge Cyber Security Policy | SolarEdge
Accessibility Button

Accessibility Menu

Close Accessibility
Close mobile menu

Coordinated Vulnerability Disclosure Policy

Coordinated Vulnerability Disclosure Policy hero banner
Coordinated Vulnerability Disclosure Policy hero banner

Introduction

SolarEdge prioritizes the highest standards of cybersecurity to safeguard our customers, partners, and the broader solar energy industry. This commitment extends beyond protecting sensitive customer data; it encompasses securing our essential IT infrastructure that underpins our products, solutions, and services.

To achieve this goal, SolarEdge has implemented a comprehensive cybersecurity program that includes a robust cybersecurity team, secure development practices, regular security audits and penetration testing, and employee training.

SolarEdge is committed to continuous improvement in cybersecurity. We actively monitor cybersecurity trends, adopt industry best practices, and collaborate with security researchers to enhance our defenses. We believe that cybersecurity is not just a technical challenge but also a critical aspect of ensuring the safety and reliability of our solar energy solutions.

SolarEdge's Coordinated Vulnerability Disclosure Policy outlines the guidelines for reporting vulnerabilities, including:
 

  • Reports must be submitted using the official Vulnerability Reporting Form.
  • Reports must be submitted in good faith and must be accurate and complete.
  • Reporters will not be penalized for reporting vulnerabilities in good faith.
     

Our Coordinated Vulnerability Disclosure Policy (CVDP) outlines the clear and accessible guidelines for reporting suspected vulnerabilities in our systems. We welcome input from:

  • Security researchers and ethical hackers
  • Industry groups and organizations
  • CERTs and incident response teams
  • Our valued partners
  • Any individual who discovers and responsibly discloses legitimate cybersecurity vulnerabilities
     

Report

Upon receiving a vulnerability report, SolarEdge will promptly initiate an investigation and validate the issue. If a vulnerability is confirmed, it will be prioritized for remediation. SolarEdge will develop a patch or workaround to address the vulnerability and communicate with affected customers and partners regarding the vulnerability and the remediation process.

Advisories:
SEDG-2024-1

Contact Information

To report you can use the form

Off
Off
CAPTCHA

This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.