How to Report Security Issues to NetApp

NetApp has policies and procedures for reporting potential security issues.

The security of our products is of primary importance to NetApp and our customers. We accept reports of security vulnerabilities and work to ensure we can resolve them rapidly.

Contact us at the following email addresses to report:

These email addresses are for reporting potential vulnerabilities and security incidents only. For technical and customer support, including assistance analyzing results from vulnerability scanners, visit

We encourage you to encrypt personal, sensitive, or confidential information you send us via email by using the NetApp PSIRT GPG key (0x42C553F7). The full fingerprint of the PSIRT GPG key is: 87BA E855 6AFE 8743 A7E7 0CDC DBA1 73A6 42C5 53F7

NetApp attempts to acknowledge receipt to all submitted reports within seven days. In some instances, acknowledgement of receipt may be delayed due to company or national holidays. In those cases, NetApp will make every attempt to respond within the seven-day window upon the resumption of normal business activities.

Key Points

  • Report potential vulnerabilities with products or services.
  • Inform NetApp of potential incidents and issues on our websites.
  • Learn about NetApp's response policy.