Cyber Security Response Center
Our customers' security and safety are a priority. We are committed to creating secure solutions from the ground up and have practices in place to help identify and mitigate risk. As technology evolves, our strategy is to follow industry and IT best practices so that we can proactively prepare for, or quickly respond to, new security challenges when they arise.
At Genetec, we are committed to developing resources and providing support to help you strengthen your cyber security practices. On this page you can access our hardening guides, report a security vulnerability 24/7, and read our most recent cyber security updates and articles.
Report a security vulnerability
The Genetec Cyber Security Response Center investigates all reports of security vulnerabilities affecting Genetec products and services. If you are a security researcher, partner or end user and believe you have found a Genetec security vulnerability, we would like to work with you to have it investigated and remediated.
Please collect as much of the below information as possible and submit it to [email protected]. This information will help us to better understand the nature and scope of the possible issue.
- Type of issue (buffer overflow, SQL injection, cross-site scripting, etc.)
- Product and/or version, cloud service, or Genetec web url that contains the bug
- Any special configuration required to reproduce the issue
- Step-by-step instructions to reproduce the issue on a fresh install
- Proof-of-concept or exploit code
- Impact of the issue, including how an attacker could exploit the issue
You should receive a response within one business day. If for some reason you do not, please follow up with us to ensure we received your original message.
GTAC Crisis Response Center
The GTAC Crisis Response Center is available 24 hours a day, and 7 days a week to offer you emergency support by email, phone, and even on site at your facility. We have engineers as well as partners specialized in rapid response to support you in situations such as catastrophic system failure or cyber-attack. To add the 24/7 support option to your system, please contact Inside Sales.
Emergency 24/7 support access
Our 24/7 coverage is automatically available to all systems enrolled in the Genetec Advantage program that have purchased this option. Call us at +1 514.856.7100 and have your Advantage contract number and Certification number ready or log into the Genetec Portal to submit a ticket.
If you are in an urgent situation and do not have Genetec Advantage we suggest reaching out to your integrator directly or filling out this form. We will respond to your request within the standard response SLA according to your system coverage.
Note: To access the following security document, you must be a Security Center user with the appropriate credentials to log into the Genetec Portal. If you do not have access credentials, please contact [email protected].
Security bulletins & educational articles
GTAC Crisis Response Request
2017-07-21 | Advisory
A critical security vulnerability has been discovered for multiple ONVIF-based devices that allow attackers to gain root access to those devices without proper authentication.
2017-05-18 | Advisory
We understand that our customers and users may still be struggling with the affects of WannaCry or may be seeking additional information. We are continuing to update our advisory page on the subject with both relevant articles that will help you understand the risks at hand, as well as details related to updates required to help further protect Genetec hardware.
2017-05-15 | Advisory
Microsoft has announced that many users of Windows-based systems might be affected by the malicious WannaCry software. Genetec Security Center software is not affected but we do urge our hardware users to apply relevant Microsoft patches and to review our hardening guides.
2016-12-05 | Advisory
A critical security vulnerability has been discovered for Siemens-branded IP-based CCTV cameras that allow remote attackers to obtain administrative credentials from the integrated web server.
2016-07-26 | Blog
When Apple and the FBI squared off this year over the unlocking of a smart phone, ordinary citizens became aware of an issue that those of us in the security industry have been dealing with for a long time. Namely, they began thinking about the balance between security and privacy.