HPC-Gridware takes the security of its products and open-source projects seriously. We appreciate responsible disclosure of security vulnerabilities.

If you believe you have found a security vulnerability affecting an HPC-Gridware product or an associated open-source project, please report it using one of the following channels:

• Web form: https://www.hpc-gridware.com/security
• Email: sales@hpc-gridware.com

Please include sufficient information to allow us to understand and assess the issue, such as:

• A description of the vulnerability
• Affected product, component, and version (if known)
• Steps to reproduce or proof of concept

Reported security issues are reviewed and handled by the HPC-Gridware product security team. We aim to acknowledge reports and may request additional information where necessary.

Security vulnerabilities are addressed in accordance with our internal vulnerability handling and incident response processes, aligned with applicable regulatory requirements, including the EU Cyber Resilience Act.

We encourage coordinated and responsible disclosure. Please refrain from public disclosure until the issue has been assessed and addressed, or until coordination has been agreed.

This security policy applies to:

• Gridware Cluster Scheduler (GCS) Enterprise Edition
• Relevant open-source components distributed as part of GCS

For general questions, please contact sales@hpc-gridware.com.