Re: [Predisclosure-applications] Application for the pre-disclosure list

[George Dunlap <dunlapg@xxxxxxxxx>]

Mihai,

Actually we had internally actually decided to approve your
application, and then the ball got dropped on actually implementing
it.

Let me chase that process up; and please ping us again if you haven't
heard from us in a week.

Sorry for the delay.

 -George Dunlap

On Tue, Mar 21, 2017 at 4:45 PM, Mihai Donțu <mdontu@xxxxxxxxxxxxxxx> wrote:
> Hi,
>
> On Tuesday 20 December 2016 05:15:54 Mihai Donțu wrote:
>> I am writing on behalf of Bitdefender with the hope of adding our
>> company to the pre-disclusure list.
>>
>> 1. Organization
>> ===============
>>
>> Bitdefender SRL: http://www.bitdefender.com/business/
>>
>> 24, Delea Veche Street, Office Building A, 7th floor, 2nd district,
>> Bucharest, Romania
>>
>> 2. Domain name providing Xen-based services
>> ===========================================
>>
>> N/A, though our cloud service runs on top of AWS
>> https://gravityzone.bitdefender.com/
>>
>> 3. Brief description
>> ====================
>>
>> Bitdefender provides security solutions integrating with various
>> virtualization platforms, including XenServer. Our latest product -
>> Bitdefender HVI - is tightly connected with the xen hypervisor via the
>> VM event (mem_access) subsystem, also known as Citrix XenServer Direct
>> Inspect API.
>>
>> Inclusion in the pre-disclosure list would make us eligible for
>> receiving Citrix XenServer security updates ahead of time (binary and
>> source) in order to ensure a bug/regression-free experience for our
>> customers.
>>
>> 4. Products using Xen
>> =====================
>>
>> Bitdefender GravityZone - Security for Virtualized Environments
>> http://www.bitdefender.com/business/virtualization-security.html
>>
>> Bitdefender GravityZone - HVI
>> http://www.bitdefender.com/business/hypervisor-introspection.html
>>
>> 5. Links to public web pages
>> ============================
>>
>> Bitdefender GravityZone SVE (includes XenServer support)
>> http://www.bitdefender.com/business/virtualization-security.html
>>
>> Bitdefender GravityZone HVI (XenServer-based)
>> http://www.bitdefender.com/business/hypervisor-introspection.html
>>
>> Documentation mentioning XenServer support:
>> http://download.bitdefender.com/resources/media/materials/virtualized-environments/en/Bitdefender-2015-NGZ-SecurityForVirtualEnviro-DS-70574-A4-en_EN-web.pdf
>>
>> Security issues are reported to support@xxxxxxxxxxxxxxx or
>> security@xxxxxxxxxxxxxxx
>>
>> We also run a dedicated bugbounty program:
>> http://www.bitdefender.com/site/view/bug-bounty.html
>>
>> Published articles as part of Xen Project:
>> https://blog.xenproject.org/2015/08/04/the-bitdefender-virtual-machine-introspection-library-is-now-on-github/
>> https://events.linuxfoundation.org/sites/events/files/slides/Zero-Footprint%20Guest%20Memory%20Introspection%20from%20Xen%20_%20draft11.pdf
>>
>> Assigned XSA-s:
>> https://xenbits.xen.org/xsa/advisory-105.html
>> https://xenbits.xen.org/xsa/advisory-106.html
>> https://xenbits.xen.org/xsa/advisory-116.html
>>
>> 6. Xen Project Security Policy Agreement
>> ========================================
>>
>> I and the members of our security team have read the Xen Project
>> security policy agreement[1] and agree to abide terms for inclusion in
>> pre-disclosure list.
>>
>> [1] https://www.xenproject.org/security-policy.html
>>
>> 7. Non-personal email address
>> =============================
>>
>> xen@xxxxxxxxxxxxxxx
>
> Sorry to push with this, but is there anything I can do to get the
> application unstuck?
>
> Thank you,
>
> --
> Mihai DONȚU
>
> _______________________________________________
> Predisclosure-applications mailing list
> Predisclosure-applications@xxxxxxxxxxxxxxxxxxxx
> https://lists.xenproject.org/cgi-bin/mailman/listinfo/predisclosure-applications

_______________________________________________
Predisclosure-applications mailing list
Predisclosure-applications@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/cgi-bin/mailman/listinfo/predisclosure-applications