• Blog
  • News
  • Events
  • Deutsch
  • Log in
  • Products
    • Ready-to-go products
      • Next® Enterprise Archive
      • Next® Mailroom
      • Next® Invoices
      • Next® Contracts
      • Next® Go
      • Next® Emails
      • Next® Processes
      • Next® Bank Transactions
      • clear
    • clear
  • Solutions
    • By industry
      • Insurance
      • Manufacturing
      • Transport & Logistics
      • Wealth management
      • clear
    • By integration
      • Aspect4
      • M3
      • Salesforce
      • SAP
      • Other
      • clear
    • By business need
      • Document Management
      • Document Archiving
      • Invoice Processing
      • Contract Management
      • Email Automation
      • Bank Statement Processing
      • Mailroom Automation
      • clear
    • clear
  • Cases
    • 1:1 Assekuranzservice AG
    • Autokeskus
    • Bauder
    • Bendura Bank
    • BoConcept
    • Burger King
    • Burghaus
    • CRH Denmark
    • DAT-Schaub
    • DHL
    • EG
    • EL:CON
    • Emhart Glass
    • Erdinger Weissbräu
    • Heidekreis Klinikum
    • Hönninger
    • Inco
    • Jansson Group
    • Kellerhals Carrard
    • LB Forsikring
    • Lytzen
    • Mifa
    • Pohjantähti
    • Per Aarsleff
    • Schweizer Zucker
    • Secure Trust Bank
    • Ski Bygg
    • Spiegltec
    • Stark Group
    • swisspartners
    • TAPROGGE
    • Tareno
    • TFG Transfracht
    • TORM
    • Umoe Catering
    • clear
  • About
    • About
    • International
    • Team
    • Jobs
    • Partners
      • EG partnership
      • clear
    • Responsibility
    • Product strategy
    • Legal Notice
      • Nextway financial structure
      • clear
    • Trust Center
    • clear
  • Support
    • Support Plans
    • Next® always up to date
    • Help desk
    • News in Next®
    • Help center
    • Downloads
    • Authorization codes
    • clear
  • Contact
search
clearCancel

Vulnerabilities

How we handle vulnerabilities

Nextway’s vulnerability management procedure is designed to proactively identify, assess, and mitigate security vulnerabilities.

In response to identified vulnerabilities or security incidents, Nextway follows a well-defined and SoC2 audited process.

If you, as a customer or partner, identify a potential vulnerability, please share the details with Nextway by sending an email to security@nextway.software

It is a prerequisite that full details of the suspected vulnerability are documented in way that Nextway can validate and reproduce the issue.

When reporting an incident

Our commitment when handling suspected vulnerabilities is to use reasonable efforts to:

  • Respond in a timely manner, acknowledging receipt of your vulnerability report
  • Provide an estimated time frame for addressing the reported vulnerability
  • Notify you when the vulnerability has been fixed

In return we ask you to comply with the following procedures.

Please report any potential security vulnerabilities individually to Nextway via email at security@nextway.software

Before submitting your security vulnerability findings, we require you to validate that the security vulnerability finding is not a false positive. This will require a security resource on your end to review and validate findings (especially for automated scanner report output).

With each finding, please include the following information:

  • Description of the vulnerability: Include information such as targeted functionality, vulnerability that is identified and affected endpoints
  • Replication Steps to reproduce the security vulnerability finding
  • Proof of Concept: Provide screenshots and/or HTTP requests & responses and/or Sample of vulnerable code, clearly demonstrating that the vulnerability is exploitable
  • Possible impact of the security vulnerability finding: Include information such as what can an attacker achieve if the vulnerability is exploited, who can launch the attack (remote/local user, internal/external user, authenticated/unauthenticated user, viewer/editor/admin etc...) and how easy is it for an attacker to discover and exploit the vulnerability.

Please submit reports in English.

  • About
  • International
  • Team
  • Jobs
  • Partners
  • Responsibility
  • Product strategy
  • Legal Notice
  • Trust Center
  • Sitemap
  • Legal Notice
  • Privacy Policy
  • Follow us:
 
THE  

Thomas Hougaard-Enevoldsen

the@nextway.software
+45 61 63 96 71
THE  

Thomas Hougaard-Enevoldsen

the@nextway.software
+45 61 63 96 71
MBR  

Markku Brask

mbr@nextway.software
+358 50 356 7076
SMO  

Jørn M. Christensen

jmc@nextway.software
+45 26 77 66 40
THE  

Thomas Hougaard-Enevoldsen

the@nextway.software
+45 61 63 96 71
CCO  

Claus Cordes

cco@nextway.software
+49 177 6506222
MRI  

Marcel Ritter

mri@nextway.software
+41 78 671 79 02
THE  

Thomas Hougaard-Enevoldsen

the@nextway.software
+45 61 63 96 71

 

 

 

THE  

Thomas Hougaard-Enevoldsen

the@nextway.software
+45 61 63 96 71

JMC

SMO

 

Jørn M. Christensen

jmc@nextway.software
+45 26 77 66 40

 

Søren Mogensen

smo@nextway.software
+45 60 40 92 80
MBR  

Markku Brask

mbr@nextway.software
+358 50 356 7076

JMC

SMO

 

Jørn M. Christensen

jmc@nextway.software
+45 26 77 66 40


 

Søren Mogensen

smo@nextway.software
+45 60 40 92 80

JMC

SMO

 

Jørn M. Christensen

jmc@nextway.software
+45 26 77 66 40


 

Søren Mogensen

smo@nextway.software
+45 60 40 92 80
CCO  

Claus Cordes

cco@nextway.software
+49 177 6506222
RTS  

Raphael Tschopp

rts@nextway.software
+41 79 540 36 14

MRI  

Raphael Tschopp

rts@nextway.software
+41 79 540 36 14

MRI  

Raphael Tschopp

rts@nextway.software
+41 79 540 36 14

THE  

Thomas Hougaard-Enevoldsen

the@nextway.software
+45 61 63 96 71

 

Please accept marketing-cookies to view this video.

Click here to change your cookie settings