ฟีอีซี่คอม PSIRT

I. PSIRT Organization Overview

1. Organizational Definition and Value

PSIRT (Product Security Incident Response Team, Product Security Incident Response Team) is a specialized response organization established by Feiyitong Technology to address product security vulnerabilities and incidents. Its core mission is “Rapid Response, Effective Management, Continuous Improvement.” Through standardized processes covering the entire lifecycle management of vulnerabilities and emergency response to security incidents, it ensures the security and stability of the company’s core products such as Bluetooth modules, Wi-Fi modules, and automotive electronics throughout their lifecycle, safeguarding customer business continuity and data security. It aligns with international standards such as ISO/SAE 21434, ISO 27001, and GDPR compliance requirements, as well as the national standard GB 44495 – 2024 “Technical Requirements for Information Security of Whole Vehicle.”

2. Background and Compliance Basis

Industry Demand: The rapid increase in security threats in the IoT and automotive electronics sectors (such as firmware tampering, Bluetooth protocol vulnerabilities, in-vehicle system intrusions) necessitates the need for specialized teams to address product security risks.
Compliance Requirements: Respond to the “Product Security Incident Response” requirement in ISO/SAE 21434 “Road Vehicles – Network Security Engineering,” meet the compliance obligation of GDPR for reporting data breaches within 72 hours, and align with the mandatory regulations of CRA (EU “Cyber Resilience Act”) for product vulnerability management
Corporate Strategy: As the core implementation vehicle for the security principle of “Prevention First, Eliminate Vulnerabilities,” supporting the company’s core belief of “Making Communication Simple and Free”

3. Core Value Proposition

For Customers: Provide transparent channels for responding to product security vulnerabilities, reduce customer usage risks, and enhance customer trust in Feiyitong products
Business side: Quickly contain the spread of security incidents, reduce business disruption losses, and ensure the stability of critical business areas such as automotive electronics and industrial IoT
Compliance side: Ensure product security management complies with international standards and cross-border regulations, avoiding compliance penalties (e.g., GDPR fines up to 4% of global annual revenue)
Technical side: Accumulate security response experience, feed back into product development, and drive continuous iteration of product security capabilities

II. Organizational Structure and Responsibilities

Person in charge: Head of IT Systems Department
Core members: Data Security Specialist
Collaborating departments: R&D Department, Product Department, Legal Department, Customer Service Department, IT Systems Department

III. Core Workflow

1. Vulnerability Lifecycle Management Process (Standardized Closed-Loop)

2. Security Incident Emergency Response Process (Tiered Handling)

IV. Key Capability Support

1. Technical Capability Support
2. Process and System Support
3. Personnel Capability Support

V. Cooperation and Communication Mechanism

1. Internal Cooperation Mechanism
2. External Communication Mechanism
(1) Customer Communication
(2) Industry and Regulatory Cooperation

VI. Contact and Support

1. Vulnerability and Incident Reporting Channels

Dedicated Email: PSIRT@feasycom.com (Recommended to submit vulnerability reports / incident descriptions as attachments)

2. Consultation and Cooperation

Customer Security Consultation: Contact the dedicated customer security liaison or send an email to PSIRT@feasycom.com
Industry Cooperation: If you need to share vulnerability intelligence or collaborate on security incidents with PSIRT, you can email PSIRT@feasycom.com
Office Address: No. 50, Phoenix Smart Valley Building A, Gulong Community, Xixiang Street, Bao’an District, Shenzhen City (PSIRT Office Area)