cyber-security-header

Cybersecurity at Bender

Cybersecurity at Bender

Bender comprehensively and carefully monitors the current processes and facts concerning cybersecurity at every stage of product development and integrates the results into the ongoing development process. Occurring security gaps are immediately analysed, and if necessary, corrected with updates.

As a member of the Computer Emergency Response Team (CERT) of the German Electrical Engineering Association (CERT@VDE.CERT)), Bender benefits from the measures, the exchange and the solutions found together with partners. The expert group of IT specialists, which is geared to the interests and requirements of medium-sized companies, reports security gaps, develops solution approaches and provides these to the partners.

We are thus notified of potential vulnerabilities at the earliest possible stage and can react immediately.

Furthermore, Bender is a member of the Allianz für Cybersicherheit (ACS) at the Federal Office for Information Security (BSI). Regular penetration tests and IT audits are used to check the security standard. They are carried out at regular intervals within the framework of security certifications that reflect the respective level of knowledge. Internal systems are always sealed off according to the current state of the art in order to prevent external access. This prevents malicious code from reaching the devices in all phases of product development.

General statement on Cybersecurity

Reporting a vulnerability

Vulnerabilities can be reported via the e-mail address psirt@remove-this.bender.de.
PGP-Key 8D34FC75B99E9C260F92361D6EFD3692F7FCE8DD

Vulnerability information

log4j (CVE-2021-44228)

All devices and software products distributed by Bender are not affected by the log4j vulnerability..

Security Advisories

BENDER-2019-001 COMTRAXX Vulnerability -Inadequate Credentials check

BENDER-2021-001 Multiple Charge Controller Vulnerabilities