At Arzopa, safeguarding against security issues is a top priority. We welcome anyone with a security background to report potential security vulnerabilities to us. Your feedback helps us improve the security of our products and services.

1. Receive
   Monitor and promptly assign received vulnerabilities.
2. Verify
   Verify the vulnerability, confirm its exploitability, and assess its potential impact.
3. Develop Solution
   Provide effective solutions or risk remediation measures to address the identified vulnerability.
4. Confirm Scope
   Investigate and confirm the scope of affected products to ensure full coverage.
5. Release Security Advisory
   Review and publish a security advisory (SA) to inform users and stakeholders about the vulnerability and mitigation steps.

Please report any security vulnerabilities via email to: service@arzopa.com

When reporting a vulnerability, kindly include at least the following information, ideally as an attachment in this format:

1. Your organization and contact information
2. Affected products and versions
3. A description of the potential vulnerability
4. Information about known exploits
5. Disclosure plans

While we encourage the investigation of potential security vulnerabilities, we cannot tolerate any activity that interferes with legitimate users or violates applicable computer abuse, cybersecurity, and data protection regulations. Therefore, the following activities are strictly prohibited:

1. Modification or destruction of data
2. Service disruption or degradation (e.g., DDoS attacks)
3. Disclosure of personal, proprietary, or financial information

We aim to respond to any vulnerabilities submitted within 48 hours.

(Please note, actual response times may vary depending on the severity and complexity of the vulnerability.)

If an external party discovers or raises concerns about a potential vulnerability that has not yet been fully confirmed, we will disclose basic details about the issue and our ongoing investigation via email.

All vulnerability information must remain confidential until ARZOPA officially releases a public security advisory. Once the vulnerability is confirmed and resolved, we will release new firmware and provide a firmware update changelog, which will include descriptions of the vulnerabilities that have been addressed.

ARZOPA Download Center

We are committed to providing ongoing security updates for our products, which typically include the latest patches, vulnerability fixes, and other security enhancements. Our goal is to maintain security updates for at least two years from the product's launch date. However, the availability of security updates may vary depending on the product, so we encourage you to stay informed by regularly checking our announcements.

To help you stay updated on the security status of your ARZOPA products, we will continually publish and update security-related information on this page.