In today’s increasingly connected digital environment, the importance of security cannot be overstated. Organizations around the globe are striving to ensure that the technologies we depend on are not only innovative but also inherently secure. At Hitachi Vantara, we are thrilled to reaffirm our unwavering commitment to cybersecurity by adopting the principles of Secure by Design and signing the pledge. This initiative marks a milestone in our mission to deliver safer, more resilient technologies while proactively addressing contemporary security challenges.
As a leader in innovation, Hitachi Vantara is proud to champion the Secure by Design philosophy. This commitment reflects our vision of a secure digital future and is underscored by two critical accomplishments:
As an established CVE Numbering Authority (CNA) since 2020, Hitachi Vantara is committed to the transparent identification and publication of CVEs for vulnerabilities found in our products. By sharing these standardized CVE records, we enable customers, researchers, and partners to stay informed about potential risks and take appropriate measures to secure their environment. This effort demonstrates our dedication to bolstering global cybersecurity through openness and accountability.
You may view the CVEs published by Hitachi Vantara by accessing the following link:
Hitachi Vantara Security Advisories
Effective cybersecurity relies on transparency and collaboration. In line with this ethos, we have introduced a detailed Vulnerability Disclosure Policy (VDP). This policy outlines a clear and structured approach for researchers, customers, and partners to report potential security issues within our products. By fostering open communication, we are able to address vulnerabilities swiftly and effectively, further strengthening our security posture.
You may view our Vulnerability Disclosure Policy in the following link: https://www.hitachivantara.com/en-us/security#section-vulnerability-disclosure-policy
To further reinforce our commitment to cybersecurity, all Hitachi Vantara products are supported with security patches. These patches are developed and released to address vulnerabilities, enhance protection measures, and adapt to evolving threat landscapes.
As part of our ongoing commitment to enhancing cybersecurity and operational transparency, Hitachi Vantara is striving to ensure that all our products feature logging capabilities for all operations and access. This initiative is designed to support auditing, monitoring, and investigative processes. By implementing logging mechanisms, we aim to empower our clients with tools to detect anomalies, identify unauthorized access, and respond to potential threats.
Recognizing the risks associated with default passwords, we are actively working to ensure that no Hitachi Vantara products are shipped with them. By eliminating default credentials, we significantly reduce the risk of unauthorized access and enhance the overall security of our solutions.
To enhance the security of our products further, we are actively developing the capability to integrate single sign-on (SSO) functionality across all platforms. By integrating with SSO, we aim to ensure that our products align with identity and access management standards.
Our initiative aims to reduce entire classes of vulnerabilities through proactive design strategies. This is a joint effort involving both our team and collaborators, focusing on the implementation of best development practices, security assessments, security scans, penetration testing, and audits like SSDF. Additionally, our ongoing projects include work with digital signatures, all of which are integral to enhancing resilience against potential threats.
While these accomplishments are significant markers of progress, our work is far from complete. Secure by Design is a continuous journey, and we are committed to advancing our efforts through collaboration with industry peers, enhanced training programs, and the integration of cutting-edge security technologies. These efforts underscore our dedication to staying ahead of emerging threats and ensuring the highest standards of security.