Hi,
Would like to apply for access to the predisclosure list please.
Name: Gossamer Threads Inc
Domain: https://gt.net/
Description: We're a managed hosting company running approximately 100 xen dom0's. We maintain our own packages / patchsets for most core apps and as a managed provider are responsible for security (customers do not get root). This includes xen, we build our own packages + deployments from source onto gentoo (hence list access would make patch days much easier + quicker to roll out)
Evidence of status: Our pricing varies as we design servers to meet customer needs, but a typical fully managed VM is in the $250/month. Client setups vary widely from single VMs to custom clouds where a customer can spin up/down VMs on their reserved hypervisors at no cost.
Security handling: Typically this is just done via our support systems in the rare event an issue is reported by a customer. Outside contact typically comes into our abuse@xxxxxx address when that rarely happens (we've very proactive about monitoring our IP space for any signs of outgoing abusive traffic).
I've read and have no problem abiding by embargo rules, and as a member of the security community understand the reasons :). I personally subscribe to + monitor all the xen mailing lists, we also provide open public mirrors at http://www.gossamer-threads.com/lists/xen/
Alias to add: noc@xxxxxx
Let me know if you've got any questions. Thanks for the consideration!
- Nathan
--
Nathan March <nathan@xxxxxx>
GT.net https://gt.net/
Tel: (604) 687-5804 Fax: (604) 687-5806