Vulnerabilities Reporting
If you have identified a potential security vulnerability with PerfectDraft Pro, please report it here:
Required information:
- PerfectDraft Pro Serial Number (found on the back of the device, e.g.: 111EU2222000011)
- Firmware Version (at time of issue, found in the app, e.g.: v0.0.0-0)
- PerfectDraft App Installation ID (found in the about section of the app, in settings e.g.: 635f02caae477cd5acd5358bd44ebd0b)
- A description of the vulnerability.
Our technical experts will evaluate and investigate the information provided in the report, and take all appropriate actions to rectify the vulnerability. They might contact you to ask for additional information, if needed.
You will receive an email acknowledging the receipt of the report within 24 hours, and an update on the progress of our investigation every 10 working days until the potential issue is solved or the investigation has been concluded.
FULL POLICY
PerfectDraft Pro machines vulnerabilities disclosure and software support policy – (UK PSTI)
This policy applies to PerfectDraft UK Limited and AB InBev in relation to any vulnerabilities you are considering reporting to us regarding the product PerfectDraft Pro. This policy also states the minimum period of software and firmware support.
Please read the policy before reporting a potential vulnerability.
- Reporting to PerfectDraft UK Limited
If you believe you have found a security vulnerability in relation to PerfectDraft Pro, please submit your report to us using this email address: cybersecuritypd@ab-inbev.com
Please include the following:
- PerfectDraft Pro Serial Number (found on the back of the device, e.g.: 111EU2222000011)
- Firmware Version (at time of issue, found in the app, e.g.: v0.0.0-0)
- PerfectDraft App Installation ID (found in the about section of the app, in settings e.g.: 635f02caae477cd5acd5358bd44ebd0b)
- A description of the vulnerability.
- The process
After you have submitted your report, we will investigate it and respond to you within 10 working days. We will also aim to keep you informed of our progress.
We will notify you when the reported vulnerability has been resolved, we welcome requests to disclose your report.
- Guidance
You must NOT:
- Break any applicable law or regulations.
- Access unnecessary, excessive or significant amounts of data.
- Modify data in the company’s systems or services.
- Use high-intensity invasive or destructive scanning tools to find vulnerabilities.
- Disrupt the company’s services or systems.
- Communicate any vulnerabilities or associated details other than by using the dedicated email address.
- Social engineer, “phish” or physically attack the company’s staff or infrastructure.
- Demand financial compensation in order to disclose any vulnerabilities.
You must:
- Always comply with data protection rules.
- Securely delete all data retrieved during your research as soon as it is no longer required or within 1 month of the vulnerability being resolved, whichever occurs first (or otherwise required by data protection law).
- Software and firmware support period
This policy refers to the PerfectDraft Pro machine, and is supported until 2030 as a minimum.