Preskočiť na hlavný obsah
Kontakt
EN
Otvoriť hlavnú ponuku Zatvoriť menu

Office

Elektronické služby EN

Cyber security

Under the conditions of the Office of Industrial Property of the Slovak Republic, we approach cyber security responsibly. The management of the Office in Security Policy has declared full support for a regular increase in the level of security systems that are in the administration of the Office.

The reaction rate to a possible vulnerability or security incident plays a key role. Security vulnerability found in one of our information systems, or identified cyber security incident, can be reported by sending an email to the incident (AT) indprop.gov.sk. Email Message We recommend encrypt PGP with the key to confidential communication.

In the announcement of vulnerability, it is necessary to indicate as much information as possible that can help in its subsequent analysis and removal. The vulnerability description should include the following data:

  • Your name and contact details,
  • Your public PGP key to the encrypted answer option,
  • time and method of finding vulnerability,
  • if the vulnerability information has already been published somewhere,
  • the type of software or information system you are reported vulnerability,
  • a detailed description of the error including the type of web browser and its settings - what type of vulnerability is it (Buffer overflow, XSS, insufficient authentication, etc.), a unique query or POC code,
  • IP address from which you performed testing,
  • design solution and removal of vulnerability (if known).

The incident description is supposed to include the following data:

  • Your name and contact details,
  • Your public PGP key to the encrypted answer option,
  • the incident name and its type,
  • detailed description of the incident,
  • Date and time of the beginning of the incident (if known),
  • Date , time and method of finding an incident,
  • information whether it is a serious cyber security incident according to Act no. 69/2018 Coll. on cyber security and on amendments to certain laws and the incident category,
  • information whether it is an incident reporting that has disrupted availability, confidentiality or integrity and further analysis is required,
  • When describing the incident, please indicate as much information as possible that could help in analyzing it and subsequent processing.

 We currently do not have an open bug bounty program, but we will appreciate if you report to us any serious vulnerability identified in our information systems and contribute to increasing the overall level of cyber security of the Office of Industrial Property of the Slovak Republic.