Protecting life is serious business. In order for you to do your job with confidence, we need to ensure that the devices, software and services that we supply are reliable and secure. When we build a new hardware or software product, it isn’t just about functionality – we also make it a top priority that your information is tightly guarded. This way, you can trust your tools to keep important information safe, and focus on what really matters.
Security Details by Product
Security of The Axon Network
These are features and measures Axon has taken to secure Axon products and services.
Vulnerability Identification and Remediation
Axon conducts regular vulnerability assessments to improve Axon products, security controls, and processes. Identification programs for Axon Cloud Services include frequent vulnerability scans and scheduled penetration tests performed by independent firms and contractors. All identified vulnerabilities are evaluated by the Axon Information Security team, assigned remediation time frames, and tracked through remediation.
If you are interested in performing security testing of Axon products, please first review Axon’s Penetration Testing & Vulnerability Disclosure Guidelines.
Security Monitoring and Response
Axon employs a dedicated Security Operations team to monitor the security of Axon Cloud Services, including Evidence.com. The team is equipped to immediately respond to threats and malicious actors.
Hackers and other malicious actors move fast, and they take advantages of entities that can’t keep their systems up to date and secure. Axon Cloud Services are delivered as Software as a Service and not only are security patches applied well within vendor recommendations, but Axon Cloud Services also ensure that Axon devices that are part of the Axon Network frequently receive security upgrades. These security updates and upgrades come out of the box with Axon Cloud Service licenses and do not require customer interaction. Axon's security upgrades and patches are applied during Evidence.com's Maintenance Schedule.
By having a laser focus on security and aggressively investing to maintain such security, we are able to deploy and appropriately manage advanced security tools and threat prevention solutions that are cost- or resource-prohibitive to individual customers. Unlike what you would find with an off-the-shelf anti-virus software that you install yourself, we offer advanced protections that deter even the most sophisticated attackers. We have finely tuned web application firewalls, leverage security intelligence tools for continuous monitoring, and deploy layers of defense to detect and react to malicious activity.
Reporting Potential Security Issues or Vulnerabilities
If you know or suspect security issues with an Evidence.com account or if you believe you've discovered a security vulnerability on Evidence.com or with an Axon product, please email firstname.lastname@example.org with a thorough explanation of the issue or vulnerability. Any sensitive testing results or information should be transmitted to Axon using an encrypted communication channel. Our PGP key is available here: Axon Information Security (36A266CE) – Public
We ask that you do not disclose any vulnerability information publicly or to any third party without coordination with Axon's Information Security team. Axon is committed to working with customers and the security researcher community to validate and address reported potential vulnerabilities. Further information regarding this commitment is outlined in Axon’s Penetration Testing & Vulnerability Disclosure Guidelines.
All non-security-related issues should be directed to Axon Customer Support.