socialmedian.com
External Program
Submit bugs directly to this organization
External Program
Submit bugs directly to this organization
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
This document describes the New Work Security Team according to RFC 2350.
It is intended to provide the general Internet community and other
security teams with basic information.
1.1. Date of Last Update
This version was published on 2025-04-10.
1.2 Distribution List for Notifications
There is no distribution list for this document.
Our RFC 2350 profile is kept up-to-date on the location named in section 1.3.
1.3 Locations where this Document May Be Found
The current version of this document is available on our website:
https://www.new-work.se/.well-known/rfc-2350.txt
1.4 Authenticating this Document
This document is available via HTTPS. It is clearsigned with the following key:
https://www.new-work.se/.well-known/openpgpkey/nwse-security.asc
2.1 Name of the Team
Full name:
New Work Security and Technical Risk Management Team
Short name:
New Work Security Team
2.2 Address
New Work SE
Security and Technical Risk Management
Am Strandkai 1
20457 Hamburg
Germany
2.3 Time Zone
CET (UTC+1) / CEST (UTC+2, daylight saving time)
2.4 Telephone Number
+49 40 419 131 - 0 (ask for the Security Team)
2.5 Facsimile Number
+49 40 419 131 - 11
2.6 Other Telecommunication Options
None available.
2.7 Electronic Mail Address
security-reports [at] new-work [dot] se
2.8 Public Keys and Other Encryption Information
To encrypt sensitive data, please use our PGP key.
2.9 Team Members
Tilmann Haak is head of the New Work Security Team and CISO. Management,liaison and
supervision are provided by Björn Linder (Senior Vice President Engineering).
2.10 Other Information
General information about the New Work Security Team and security at New Work in
general can be found at:
https://privacy.xing.com/en/your-security
We are listed in the TF-CSIRT / Trusted Introducer directory:
https://www.trusted-introducer.org/directory/teams/xing.html
2.11 Points of Customer Contact
The preferred method for contacting the New Work Security Team is via e-mail
at:
security-reports [at] new-work [dot] se
We can be reached by telephone during regular office hours.
For general issues, please contact our support at:
https://www.xing.com/support/contact
3.1 Mission Statement
We assist and advise New Work SE and its subsidiaries (New Work Group) while
asserting New Work Group's security interests vis-à-vis internal and external parties.
Our mission is to ensure that the New Work Group and its customer data are as
secure as possible.
We provide a single point of contact for all security issues affecting
the New Work Group for both internal and external parties.
3.2 Constituency
Our constituency consists of the New Work Group including:
InterNations GmbH
NEW WORK AUSTRIA XING kununu onlyfy GmbH
New Work Networking Portugal Unipessoal Lda.
New Work Networking Spain S.L.
NEW WORK XING AG
Prescreen GmbH i.L.
kununu GmbH
We are responsible for the following autonomous systems:
AS50343
AS207139
3.3 Sponsorship and/or Affiliation
The New Work Security Team is part of New Work SE located in Hamburg, Germany.
3.4 Authority
The Security Team responds to, investigates, and coordinates security
incidents on behalf of the New Work Group.
4.1 Types of Incidents and Level of Support
The New Work Security Team addresses all types of information security
incidents which occur, or threaten to occur, within its remit.
The level of support depends on the severity of the respective incident.
We only provide limited direct support to users of the XING jobs network.
Please contact our support team at:
https://www.xing.com/support/contact
4.2 Cooperation, Interaction and Disclosure of Information
Within the process of responding to an incident, we will exchange
necessary information with other authorised parties on an appropriate
legal basis.
The New Work Security Team supports the traffic light protocol for information
sharing as published on https://www.first.org/tlp/.
Do not send unencrypted e-mails containing information labelled AMBER or
RED.
We operate under German law. This involves careful handling of
personally identifiable data with regards to data protection and privacy
laws. We may be obliged to disclose information if required by or under
any enactment or by a rule of law or order of a court.
4.3 Communication and Authentication
For sensitive information, use encrypted e-mail (our public keys are
listed in section 2.8). For non-sensitive information, unencrypted
e-mail, fax, or telephone is considered to be sufficient.
5.1 Incident Response
The New Work Security Team deals with and assists in the technical and
organisational aspects of information security incidents.
5.2 Proactive Activities
Regarding the XING jobs network, you may use our regular contact
form by going to the topic "Privacy Policy and Security":
https://www.xing.com/support/contact/security
You can report abuse or suspicious activity directly within the XING
platform, e.g. by using the "report as spam" or "report profile"
functionality.
For all other information regarding security incidents, please contact
us via e-mail.
-----BEGIN PGP SIGNATURE-----
iQJOBAEBCAA4FiEEfnw1fKXUkVvEB/azTemLVVKlC5IFAmf3wXQaHHNlY3VyaXR5
LXJlcG9ydHNAeGluZy5jb20ACgkQTemLVVKlC5LFNg/8DMVKIHDMV0Ncb0MIOld6
DPavGfo3vSlVOFnyxAi6mk8SkNsTVk0VZHpUs+f2QxhmmonxFeHKtBz470oDep2X
P6rX6Zvv5zSSj5d4E4lO+9P3Re77zbQxMiP19Jug/kzaBT0fmIOinGYSv89fS0gj
1/T4RpNZY6f+yiumsy7uEf7Fvo3FgHREnQ1UwgUdaNX5w8yy4cl7+86F2qb9uwtj
RpOvnkCYoWNFN855ivHDhFAkwd0f+RW1b2HNlU9DT1HSH9mT07TxLiUI3obsytXC
o6w4uepg1+QPcx22EFiaF9pDsNndM4EKdeXdujdSsigaIRvkKi/uy3MUOPcamy3f
ZvJ1DRBn+TIvm2oONS3Bot7P9miM/g/w7uWCC2f0a7H/c88XkKNAQDkp6tFgWGyt
Q/6RO/jq2s+s0WsdhkG2QO6VEJM4O5Nwj/5EfeWnUATd/+z4OxS8SswpkiYT9JXR
r22b1Ga/O3Z1qWOPWsmNQGOA8AmHFeHt3IzG5SCzTLPuyWW5/QNSAL90KhByEQbq
XglEzeEGhhyCLep9Bbh5V9tmTGM8Glr2y4NPC/c/IN+04f/SKD+nVsoU0JmCpavM
Bc5MsgUjoCcxgVnpa8I2o3QodLUo88HHSYUuu9AdVGxJ4nZj+oEjdb50miSzhEHK
YyByP3G3JL6nOhTNjE43riE=
=BTTv
-----END PGP SIGNATURE-----