BAS-IP, \u00fcr\u00fcnlerimizde ke\u015ffedilen g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 y\u00f6netme ve bunlara yan\u0131t verme konusunda sekt\u00f6r lideri uygulamalar\u0131 takip etmektedir. \u015eirketimiz taraf\u0131ndan sa\u011flanan \u00fcr\u00fcn ve hizmetlerin g\u00fcvenlik a\u00e7\u0131klar\u0131ndan tamamen ar\u0131nm\u0131\u015f oldu\u011funu garanti etmek imkans\u0131zd\u0131r. Bu, benzersiz bir \u00f6zellik de\u011fil, t\u00fcm yaz\u0131l\u0131mlar ve hizmetler i\u00e7in ortak bir ko\u015fuldur, ancak geli\u015ftirmenin her a\u015famas\u0131nda potansiyel g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 tespit etmek ve ortadan kald\u0131rmak i\u00e7in \u00e7aba g\u00f6sterece\u011fimizi, b\u00f6ylece BAS-IP \u00fcr\u00fcn ve hizmetlerinin m\u00fc\u015fteri ortamlar\u0131nda konu\u015fland\u0131r\u0131lmas\u0131yla ili\u015fkili riski azaltaca\u011f\u0131m\u0131z\u0131 garanti edebiliriz.<\/p>\n\n\n\n
BAS-IP, baz\u0131 standart a\u011f protokollerinin ve hizmetlerinin istismar edilebilecek do\u011fal zay\u0131fl\u0131klara sahip olabilece\u011fini kabul etmektedir. BAS-IP bu protokollerden ve hizmetlerden sorumlu olmasa da, BAS-IP \u00fcr\u00fcnleri, yaz\u0131l\u0131mlar\u0131 ve hizmetleriyle ili\u015fkili riskleri azaltmaya y\u00f6nelik tavsiyeleri \u00e7e\u015fitli k\u0131lavuzlar \u015feklinde sunmaktay\u0131z<\/a>.<\/p>\n\n\n\n Bu belgede a\u00e7\u0131klanan g\u00fcvenlik a\u00e7\u0131\u011f\u0131 y\u00f6netimi politikas\u0131, BAS-IP markas\u0131 alt\u0131ndaki t\u00fcm \u00fcr\u00fcnler, yaz\u0131l\u0131mlar ve hizmetler i\u00e7in ge\u00e7erlidir.<\/p>\n\n\n\n Baz\u0131 g\u00fcvenlik a\u00e7\u0131klar\u0131 BAS-IP g\u00fcvenlik a\u00e7\u0131\u011f\u0131 y\u00f6netimi politikas\u0131 kapsam\u0131nda de\u011fildir. L\u00fctfen g\u00fcvenlik a\u00e7\u0131\u011f\u0131 y\u00f6netimi politikas\u0131 kapsam\u0131nda olmayan g\u00fcvenlik a\u00e7\u0131\u011f\u0131 raporlar\u0131n\u0131 security@bas-ip.com<\/a> adresine g\u00f6ndermeyin:<\/p>\n\n\n\n BAS-IP, ara\u015ft\u0131rmac\u0131lar\u0131n BAS-IP \u00fcr\u00fcnleri, yaz\u0131l\u0131mlar\u0131 ve hizmetlerindeki g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 belirleme ve raporlama \u00e7abalar\u0131n\u0131 takdir eder ve te\u015fvik eder. Sorumlu a\u00e7\u0131klama s\u00fcrecini takip ederek, BAS-IP \u00fcr\u00fcn g\u00fcvenlik ekibi, a\u00e7\u0131klama s\u00fcreci boyunca kar\u015f\u0131l\u0131kl\u0131 i\u015fbirli\u011fi ve \u015feffafl\u0131k yoluyla ara\u015ft\u0131rmac\u0131lar\u0131n \u00e7\u0131karlar\u0131na ellerinden gelen en iyi \u015fekilde sayg\u0131 g\u00f6sterecektir.<\/p>\n\n\n\n BAS-IP \u015eirketi, ara\u015ft\u0131rmac\u0131lar\u0131n 90 g\u00fcnl\u00fck s\u00fcrenin dolmas\u0131na veya kar\u015f\u0131l\u0131kl\u0131 olarak kararla\u015ft\u0131r\u0131lan bir tarihe kadar<\/strong> g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 if\u015fa etmemesini ve g\u00fcvenlik a\u00e7\u0131\u011f\u0131 ara\u015ft\u0131rmas\u0131n\u0131 yasal s\u0131n\u0131rlar<\/strong> i\u00e7inde, zarar vermeden, gizlili\u011fi if\u015fa etmeden veya BAS-IP \u015eirketi, ortaklar\u0131 ve m\u00fc\u015fterilerinin g\u00fcvenli\u011fini tehlikeye atmadan y\u00fcr\u00fctmesini bekler.<\/p>\n\n\n\n BAS-IP \u015eirketi, g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 iyi bilinen CVSS<\/strong> derecelendirme<\/a> sistemini kullanarak de\u011ferlendirir.<\/p>\n\n\n\n A\u00e7\u0131k kaynak bile\u015fen g\u00fcvenlik a\u00e7\u0131klar\u0131 ile ilgili olarak, BAS-IP, g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131, BAS-IP’nin \u00fcr\u00fcnlerini, yaz\u0131l\u0131mlar\u0131n\u0131 ve hizmetlerini nas\u0131l uygulamay\u0131 \u00f6nerdi\u011fi ba\u011flam\u0131ndaki \u00f6nemine ba\u011fl\u0131 olarak de\u011ferlendirebilir. G\u00fcvenlik dan\u0131\u015fmanl\u0131klar\u0131 genellikle yaln\u0131zca BAS-IP’ye \u00f6zg\u00fc g\u00fcvenlik a\u00e7\u0131klar\u0131 i\u00e7in sa\u011flan\u0131r.<\/p>\n\n\n\n Bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131 de\u011ferlendirildi\u011finde ve d\u00fczeltmeye tabi oldu\u011funda \u00f6ncelik da\u011f\u0131l\u0131m\u0131<\/strong>:<\/p>\n\n\n\n BAS-IP, \u00fcr\u00fcnlerimizdeki g\u00fcvenlik a\u00e7\u0131klar\u0131yla ili\u015fkili riskleri belirlemek ve azaltmak i\u00e7in s\u00fcrekli \u00e7al\u0131\u015fmaktad\u0131r. Ancak, bir BAS-IP \u00fcr\u00fcn\u00fc, yaz\u0131l\u0131m\u0131 veya hizmetiyle ilgili bir g\u00fcvenlik sistemi a\u00e7\u0131\u011f\u0131 ke\u015ffettiyseniz, sorunu derhal<\/strong> bildirmenizi \u015fiddetle tavsiye ederiz. G\u00fcvenlik sistemi a\u00e7\u0131klar\u0131n\u0131n zaman\u0131nda bildirilmesi, pratik kullan\u0131m olas\u0131l\u0131\u011f\u0131n\u0131 azaltmak i\u00e7in \u00e7ok \u00f6nemlidir. A\u00e7\u0131k kaynak yaz\u0131l\u0131m bile\u015fenleriyle ilgili g\u00fcvenlik a\u00e7\u0131klar\u0131 do\u011frudan sorumlu kurulu\u015fa bildirilmelidir.<\/p>\n\n\n\n Potansiyel bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131 ke\u015ffeden son kullan\u0131c\u0131lar, ortaklar, tedarik\u00e7iler, end\u00fcstri gruplar\u0131 ve ba\u011f\u0131ms\u0131z ara\u015ft\u0131rmac\u0131lar, bulgular\u0131n\u0131 security@bas-ip.com<\/a><\/strong> adresine veya anonim bir form<\/a><\/strong> doldurarak bildirmeye te\u015fvik edilir.<\/p>\n\n\n\n G\u00f6nderilen rapor \u015funlar\u0131 i\u00e7ermelidir:<\/p>\n\n\n\n BAS-IP \u015eirketinden a\u015fa\u011f\u0131dakileri bekleyebilirsiniz:<\/p>\n\n\n\n Ke\u015ffedilen bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131 raporu incelenip ger\u00e7ek oldu\u011fu onayland\u0131ktan sonra, BAS-IP sorumlu a\u00e7\u0131klama s\u00fcrecini ba\u015flat\u0131r. BAS-IP, CVSS 3.1 de\u011ferlendirmesi, g\u00fcvenlik \u00f6nerisi i\u00e7eri\u011fi ve\/veya bas\u0131n b\u00fcltenleri (varsa) ve harici a\u00e7\u0131klama tarihi gibi ek detaylar konusunda ara\u015ft\u0131rmac\u0131 ile i\u015fbirli\u011fi yapmaya \u00e7al\u0131\u015f\u0131r.<\/p>\n\n\n\n BAS-IP \u015eirketi ve ara\u015ft\u0131rmac\u0131 aras\u0131ndaki bir anla\u015fmadan sonra, g\u00fcvenlik a\u00e7\u0131\u011f\u0131 harici ama\u00e7lar i\u00e7in BAS-IP \u015eirketi taraf\u0131ndan g\u00fcvenlik \u00f6nerileri ve\/veya bir bas\u0131n b\u00fclteni yay\u0131nlanarak a\u00e7\u0131klanacakt\u0131r.<\/p>\n\n\n\n G\u00fcvenlik A\u00e7\u0131\u011f\u0131 Bildirim Politikas\u0131 Genel Bilgiler BAS-IP, \u00fcr\u00fcnlerimizde ke\u015ffedilen g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 y\u00f6netme ve bunlara yan\u0131t verme konusunda sekt\u00f6r lideri uygulamalar\u0131 takip etmektedir. \u015eirketimiz taraf\u0131ndan sa\u011flanan \u00fcr\u00fcn ve hizmetlerin g\u00fcvenlik a\u00e7\u0131klar\u0131ndan tamamen ar\u0131nm\u0131\u015f oldu\u011funu garanti etmek imkans\u0131zd\u0131r. Bu, benzersiz bir \u00f6zellik de\u011fil, t\u00fcm yaz\u0131l\u0131mlar ve hizmetler i\u00e7in ortak bir ko\u015fuldur, ancak geli\u015ftirmenin her a\u015famas\u0131nda potansiyel g\u00fcvenlik […]<\/p>","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"inline_featured_image":false,"footnotes":""},"class_list":["post-151328","page","type-page","status-publish","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/bas-ip.com\/tr\/wp-json\/wp\/v2\/pages\/151328","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bas-ip.com\/tr\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/bas-ip.com\/tr\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/bas-ip.com\/tr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bas-ip.com\/tr\/wp-json\/wp\/v2\/comments?post=151328"}],"version-history":[{"count":3,"href":"https:\/\/bas-ip.com\/tr\/wp-json\/wp\/v2\/pages\/151328\/revisions"}],"predecessor-version":[{"id":151416,"href":"https:\/\/bas-ip.com\/tr\/wp-json\/wp\/v2\/pages\/151328\/revisions\/151416"}],"wp:attachment":[{"href":"https:\/\/bas-ip.com\/tr\/wp-json\/wp\/v2\/media?parent=151328"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}Politikan\u0131n Kapsam\u0131<\/h1>\n\n\n\n
Politikan\u0131n Kapsam\u0131na Girmeyenler<\/h1>\n\n\n\n
\n
Y\u00fck\u00fcml\u00fcl\u00fckler<\/h1>\n\n\n\n
G\u00fcvenlik A\u00e7\u0131\u011f\u0131 Y\u00f6netimi<\/h1>\n\n\n\n
\n
BAS-IP, harici a\u00e7\u0131klamadan \u00f6nce veya sonraki 4 hafta i\u00e7inde<\/strong> g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 gidermeye \u00e7al\u0131\u015f\u0131r. A\u00e7\u0131k kaynak bile\u015fenleri i\u00e7in, zaman \u00e7izelgesi genellikle daha uzundur, \u00e7\u00fcnk\u00fc BAS-IP bilgi, d\u00fczeltmeler ve\/veya do\u011frulama i\u00e7in d\u0131\u015f taraflara ba\u011fl\u0131d\u0131r<\/li>\n\n\n\n
BAS-IP, g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 gidermeyi hedefler, genellikle 2-3 ay<\/strong> i\u00e7inde<\/li>\n\n\n\n
BAS-IP, g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 bir sonraki planl\u0131 s\u00fcr\u00fcmde<\/strong> gidermeyi planlar<\/li>\n\n\n\n
BAS-IP yaz\u0131l\u0131m\/hizmetlerinin destek a\u015famas\u0131, genel yaz\u0131l\u0131m ya\u015fam d\u00f6ng\u00fcs\u00fc s\u00fcreci i\u00e7inde belirlenir. BAS-IP yaz\u0131l\u0131mlar\u0131\/hizmetleri genellikle end-of-life<\/em> (kullan\u0131m \u00f6mr\u00fc sonu) duyurusundan sonra 1 y\u0131l boyunca<\/strong> desteklenir.<\/li>\n<\/ul>\n\n\n\nG\u00fcvenlik A\u00e7\u0131\u011f\u0131 Raporlama<\/h1>\n\n\n\n
\n
\n
G\u00fcvenlik A\u00e7\u0131\u011f\u0131 A\u00e7\u0131klamas\u0131<\/h2>\n\n\n\n
Belge De\u011fi\u015fiklik Ge\u00e7mi\u015fi<\/h2>\n\n\n\n
S\u00fcr\u00fcm<\/th> Tarih<\/th> A\u00e7\u0131klama<\/th><\/tr> 1.0<\/td> 15.02.2024<\/td> \u0130lk s\u00fcr\u00fcm<\/td><\/tr><\/tbody><\/table><\/figure>","protected":false},"excerpt":{"rendered":"