Tencent Blade Team was founded in 2017 by Tencent Security Platform Department, focusing on security research in the frontier technologies such as AI, IoT, Mobile devices, Cloud virtualization technology, and blockchain. We have reported more than 200 security vulnerabilities to companies such as Apple, Amazon, Google, Microsoft, and Adobe. In the past two years, Our team members have been on the stage of top security conferences such as BlackHat, DEFCON, CanSecWest, HITB, POC, XCon, CSS. At the same time, Tencent Blade Team has established close cooperation with Tencent’s major business teams to promote the security of Tencent products and create a safer Internet ecosystem.
Responsible vulnerability disclosure process
Tencent Blade Team will find security vulnerabilities in many vendors, open source software or devices during research process. We will report security vulnerabilities to vendors as soon as possible and actively help them in fixing these vulnerabilities.
When the vulnerability security patch is released, we may disclose more details about the vulnerability. We will retain the right to disclose the details of the vulnerability if we have not received any substantive response 90 days after the vendor first reported the vulnerability or if the vendor has not fixed the vulnerability. Before the details of the vulnerability are publicly disclosed, we may provide details to Tencent’s product team to help Tencent establish proactive protection measures to protect our users.
Tencent Blade Team strictly follows the responsible vulnerability disclosure process and we will do our best to reach out to affected vendors in an open manner. We also work closely with MITRE, CERT/CC, CNVD, and CNNVD to ensure timely notification to affected vendors.
If you need to contact our team, please send an email to: firstname.lastname@example.org
You can also follow us in the following ways:
If you would like to report a security vulnerability related to Tencent, please visit the Tencent Security Response Center: https://en.security.tencent.com