Joyent Security Information

Introduction

Joyent takes security matters seriously. Security announcements are provided on our Security Advisories page and additionally on the mailing lists of impacted groups: smartos-discuss, sdc-discuss, and manta-discuss. To view incidents, please review our Security Advisories page.

If you have any security concerns or questions about our product and cloud environment, do not hesitate to contact us at security@joyent.com.

Reporting Issues

If you believe you have found an issue in any of the following services or software, please contact us:

  • Triton
  • ContainerPilot
  • SmartOS
  • Third-party software available in pkgsrc

To contact us, please include as much of the following information as possible in an e-mail to security@joyent.com. If you are not sure or do not have full details, please contact us anyway:

  • A description of the vulnerability.
  • What service or software is impacted and its version.
  • Any plausible workaround.
  • Example code or proof-of-concept, if possible.

Please use this PGP key to encrypt any sensitive information if necessary.

Once a security incident has been verified, we will communicate the impact analysis and status update on our Security Advisories page. Issue resolutions will be published once the problem has been remediated.