Incident Response Team
Helping you protect your systems, smartphones and tablets
The BlackBerry Security Incident Response Team (SIRT) works to make BlackBerry® one of the most secure mobile platforms available. The BlackBerry SIRT builds collaborative relationships across the industry, monitors the security threat landscape and responds rapidly to emerging incidents to provide customers with the guidance and tools they need to protect their systems and devices.
How safe is your smartphone's app store?
Adrian Stone, Director of Security Response, describes how our collaboration with Trend Micro will help protect customers from malware and privacy concerns associated with third-party apps in the following blog.
BlackBerry SIRT introduces two, new customer notifications to help address privacy and malware concerns
As you may know, BlackBerry releases security notices to inform customers about software vulnerabilities that were identified, which we're either working to address or don't believe the potential risk warrants a security update. These notices typically provide mitigations, workarounds and authoritative guidance to reduce any potential risk for BlackBerry customers.
Given the possible privacy implications and security risks associated with mobile applications, the BlackBerry Security Incident Response Team is establishing two, new types of notices to help protect and inform customers: the privacy notice and the malware security notice.
Privacy notices are for applications that do not appear to have malicious objectives or aim to mislead customers, but rather don't clearly or adequately inform users about how the app is accessing and possibly managing customers' data. These notices provide information about an application's behaviour in order for customers to make an informed decision about whether to continue using the app. In addition, privacy notices will provide information on how to remove the application, if a customer determines that's the best course of action for them.
Unlike privacy notices, malware security notices are released to inform customers about software that is developed with malicious intent, and it provides details about the malware's activities, potential mitigations and guidance on how to remove it from their device.
These new types of notices provide another layer of protection for our customers and offer additional transparency into the steps we're taking to continue to bolster security and privacy in an evolving threat landscape.
Vulnerability Disclosure Policy
All reports of vulnerabilities in BlackBerry products or services are investigated by the BlackBerry SIRT. For currently supported and non-beta products, the BlackBerry SIRT will follow BlackBerry triage and remediation processes and take appropriate action to help protect customers. For confirmed vulnerabilities in publicly released, in-support products, this will normally result in the publication of a security advisory, along with a corresponding software update to address the issue.
When vulnerabilities are reported to BlackBerry, industry standard best practices around coordinated vulnerability disclosure are followed and individuals and/or companies who worked with the company on security advisories are acknowledged. BlackBerry also acknowledges individuals and/or companies who report non-advisory class issues for their work to help protect BlackBerry customers.
Latest security advisories and notices
Reporting a security issue
You may be experiencing a problem that appears to be security-related but isn’t due to malware or a vulnerability in BlackBerry products. If you’re experiencing one of these problems, review the solutions to common problems below. If you find the answer here, you don’t need to submit a security issue.