Keyboard ALT + g to toggle grid overlay
All security incidents are managed through Autodesk’s Incident Response Plan, which is based on industry best practices and incorporates protective, detective, and corrective measures to quickly resolve product security and information security incidents.
A security incident is one or more unwanted or unexpected information or product security events that could compromise the confidentiality, integrity or availability of information and weaken or impair business operations. These include but are not limited to:
When an incident occurs, our Security Incident Response Team works as quickly as possible to remediate the threat though our established process:
Incident categories provide a shared “measure” within Autodesk of the size and potential impact of the incident. By defining incident categories, Autodesk is able to set expectations as to the severity and response actions necessary to deal with the situation. Autodesk assigns incidents a reverse scale of priority, with one being the most critical and four being the least severe.
In order to gain visibility into these advanced threats, specifically targeting our organization, we closely monitor our network borders for threat indicators. With this enhanced visibility, we gain insight into persistent suspicious activity, present cyber threats and ongoing exploits. This allows Autodesk to take proactive steps to defend against these threats with the appropriate incident response.
Autodesk’s Security Incident Response Plan centralizes all aspects of our response to provide cross-functional consistency between Product Security, Public Relations, Legal and Privacy. This team is committed to delivering a transparent response including timely and consistent communication with our customers.
For critical incidents and product updates, customers may be notified and the Trust Center will be updated. Autodesk also supports coordinated disclosure and if a vulnerability is reported privately to us, we work closely with researchers and drive a resolution plan. We encourage researchers to reach out to us to report a vulnerability or an issue by clicking here.
When an incident occurs that requires customer attention, Autodesk will post Security Advisories to the Trust Center to communicate with our users and provide updates. In some cases, we may reach out to our customers directly by email. Please refer to the Security Advisories page for general security updates, patches and vulnerability information.