Security is our first priority

Businesses face a challenge to offer secure access for a broader array of services and applications while guarding against increasingly sophisticated threats. Synology brings enhanced and comprehensive security solutions, allowing you to adapt more quickly to evolving technologies, business needs, and threats.

Synology PSIRT

The Synology Product Security Incident Response Team (PSIRT) is responsible for reacting to Synology product security incidents. The PSIRT manages the receipt, investigation, coordination, and public reporting of security vulnerability information regarding Synology products.

Fast security incident response

Security is our first priority. Upon receiving submissions about zero-day vulnerabilities, we make a preliminary assessment within eight hours, and fix any vulnerability within a day. A patch will be made available shortly after confirmation to keep all our products reliable and secure.

8hr

INVESTIGATING VULNERABILITIES

15hr

VULNERABILITIES
FIXED

24hr

RESPONSIVE EVENT HANDLING

Enhancing security together with FIRST

The Forum of Incident Response and Security Teams (FIRST) is the premier organization and recognized as the global leader in incident response. As a member of the FIRST, Synology's PSIRT can respond to security incidents more effectively and share our industry know-how to help set up more comprehensive security standards with world-leading partners.

CVE Numbering Authority

Synology is authorized as a CNA (CVE Numbering Authority) by the MITRE Corporation, a world-leading security institute. Entitled to assign CVE IDs to vulnerabilities affecting our own products, we are committed to advancing security solutions.

Engage with the hacker community with bounty programs

Synology NAS is committed to high standards of safety. We hold the bounty programs every year and invite the top hackers to enhance the security of Synology products. Keeping user information safe and building a more secure product are the mission of Synology. We welcome the contribution of external security researchers and look forward to awarding them for their invaluable contribution to the security of all Synology users.

2015 HITCON Hack2Own

2016 Private Invitation

2017 Bounty Program