NEEDHAM, Mass. – August 14, 2018 –– Continuing its commitment to promoting shared responsibility for safe and secure IoT deployments, PTC (NASDAQ: PTC) today has unveiled a Coordinated Vulnerability Disclosure (CVD) Program. The new program is designed to support the reporting and remediation of security vulnerabilities that could potentially affect the environments in which PTC products operate, including industrial and safety-critical industries.

The CVD Program is an essential component of PTC’s Shared Responsibility Model, which defines a framework for cybersecurity collaboration with customers, partners, and others within the industry. PTC’s CEO Jim Heppelmann highlighted this thought-leadership during his keynote presentation at the recent LiveWorx industry event, inviting partners and customers to work together with PTC to improve security by taking responsibility – and embracing speed – for the security responsibilities under their control.

As an extension to its Shared Responsibility Model, PTC’s CVD Program seeks contributions from external researchers who detect vulnerabilities in PTC’s ThingWorx-branded products. PTC invites both private individuals and organizations to report security vulnerabilities following a well-defined process, which aligns with the National Telecommunications and Information Administration (NTIA) Safety Working Group’s template. This program ensures that researchers can count on PTC to cooperate to protect its customers and the safety/privacy of the public.

The IoT market is at a tipping point, with IoT spending expected to reach $1.2 trillion in 2022, according to a recent IDC guide. “As organizations continue to invest in IoT, it is equally important that efforts are made across the entire IoT ecosystem to secure these end points and environments,” said Stacy Crook, research director, IoT, IDC.

“Sophisticated software and hyper-connectivity are fueling innovation at an unprecedented pace,” said Joshua Corman, SVP and chief security officer, PTC. “Those conditions can potentially introduce new classes of accidents and adversaries. In this new world order, cyber safety and security must become everyone’s responsibility, and we must work together to address such threats. PTC’s CVD Program is one significant step toward such collaboration, inviting private individuals and organizations to identify and communicate security vulnerabilities in a way that we can quickly assess, mitigate, and take corrective action to help further secure our products and customer implementations.”

More information, including reporting guidelines, can be found online here:

Additional Resources


PTC helps companies around the world reinvent the way they design, manufacture, operate, and service products in and for a smart, connected world. In 1986 we revolutionized digital 3D design, and in 1998 were first to market with Internet-based product lifecycle management. Today, our leading industrial innovation platform and field-proven solutions enable you to unlock value at the convergence of the physical and digital worlds. With PTC, manufacturers and an ecosystem of partners and developers can capitalize on the promise of the Internet of Things and augmented reality technology today and drive the future of innovation.           @PTC           Blogs

PTC and the PTC logo are trademarks or registered trademarks of PTC Inc. or its subsidiaries in the United States and other countries.

Media contacts

Corporate Communications
Jack McAvoy