socialmedian.com
External Program
Submit bugs directly to this organization
External Program
Submit bugs directly to this organization
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
This document describes the New Work Security Team according to RFC 2350.
It is intended to provide the general Internet community and other security teams with basic information.
1.1. Date of Last Update
This version was published on 2025-04-10.
1.2 Distribution List for Notifications
There is no distribution list for this document. Our RFC 2350 profile is kept up-to-date on the location named in section 1.3.
1.3 Locations where this Document May Be Found
The current version of this document is available on our website:
https://www.new-work.se/.well-known/rfc-2350.txt
1.4 Authenticating this Document
This document is available via HTTPS. It is clearsigned with the following key:
https://www.new-work.se/.well-known/openpgpkey/nwse-security.asc
2.1 Name of the Team
Full name: New Work Security and Technical Risk Management Team
Short name: New Work Security Team
2.2 Address
New Work SE Security and Technical Risk Management Am Strandkai 1 20457 Hamburg Germany
2.3 Time Zone
CET (UTC+1) / CEST (UTC+2, daylight saving time)
2.4 Telephone Number
+49 40 419 131 - 0 (ask for the Security Team)
2.5 Facsimile Number
+49 40 419 131 - 11
2.6 Other Telecommunication Options
None available.
2.7 Electronic Mail Address
security-reports [at] new-work [dot] se
2.8 Public Keys and Other Encryption Information
To encrypt sensitive data, please use our PGP key.
2.9 Team Members
Tilmann Haak is head of the New Work Security Team and CISO. Management,liaison and supervision are provided by Björn Linder (Senior Vice President Engineering).
2.10 Other Information
General information about the New Work Security Team and security at New Work in general can be found at:
https://privacy.xing.com/en/your-security
We are listed in the TF-CSIRT / Trusted Introducer directory:
https://www.trusted-introducer.org/directory/teams/xing.html
2.11 Points of Customer Contact
The preferred method for contacting the New Work Security Team is via e-mail at:
security-reports [at] new-work [dot] se
We can be reached by telephone during regular office hours.
For general issues, please contact our support at:
https://www.xing.com/support/contact
3.1 Mission Statement
We assist and advise New Work SE and its subsidiaries (New Work Group) while asserting New Work Group's security interests vis-à-vis internal and external parties.
Our mission is to ensure that the New Work Group and its customer data are as secure as possible.
We provide a single point of contact for all security issues affecting the New Work Group for both internal and external parties.
3.2 Constituency
Our constituency consists of the New Work Group including:
InterNations GmbH NEW WORK AUSTRIA XING kununu onlyfy GmbH New Work Networking Portugal Unipessoal Lda. New Work Networking Spain S.L. NEW WORK XING AG Prescreen GmbH i.L. kununu GmbH
We are responsible for the following autonomous systems:
AS50343 AS207139
3.3 Sponsorship and/or Affiliation
The New Work Security Team is part of New Work SE located in Hamburg, Germany.
3.4 Authority
The Security Team responds to, investigates, and coordinates security incidents on behalf of the New Work Group.
4.1 Types of Incidents and Level of Support
The New Work Security Team addresses all types of information security incidents which occur, or threaten to occur, within its remit.
The level of support depends on the severity of the respective incident. We only provide limited direct support to users of the XING jobs network. Please contact our support team at:
https://www.xing.com/support/contact
4.2 Cooperation, Interaction and Disclosure of Information
Within the process of responding to an incident, we will exchange necessary information with other authorised parties on an appropriate legal basis.
The New Work Security Team supports the traffic light protocol for information sharing as published on https://www.first.org/tlp/. Do not send unencrypted e-mails containing information labelled AMBER or RED.
We operate under German law. This involves careful handling of personally identifiable data with regards to data protection and privacy laws. We may be obliged to disclose information if required by or under any enactment or by a rule of law or order of a court.
4.3 Communication and Authentication
For sensitive information, use encrypted e-mail (our public keys are listed in section 2.8). For non-sensitive information, unencrypted e-mail, fax, or telephone is considered to be sufficient.
5.1 Incident Response
The New Work Security Team deals with and assists in the technical and organisational aspects of information security incidents.
5.2 Proactive Activities
Regarding the XING jobs network, you may use our regular contact form by going to the topic "Privacy Policy and Security":
https://www.xing.com/support/contact/security
You can report abuse or suspicious activity directly within the XING platform, e.g. by using the "report as spam" or "report profile" functionality.
For all other information regarding security incidents, please contact us via e-mail. -----BEGIN PGP SIGNATURE-----
iQJOBAEBCAA4FiEEfnw1fKXUkVvEB/azTemLVVKlC5IFAmf3wXQaHHNlY3VyaXR5 LXJlcG9ydHNAeGluZy5jb20ACgkQTemLVVKlC5LFNg/8DMVKIHDMV0Ncb0MIOld6 DPavGfo3vSlVOFnyxAi6mk8SkNsTVk0VZHpUs+f2QxhmmonxFeHKtBz470oDep2X P6rX6Zvv5zSSj5d4E4lO+9P3Re77zbQxMiP19Jug/kzaBT0fmIOinGYSv89fS0gj 1/T4RpNZY6f+yiumsy7uEf7Fvo3FgHREnQ1UwgUdaNX5w8yy4cl7+86F2qb9uwtj RpOvnkCYoWNFN855ivHDhFAkwd0f+RW1b2HNlU9DT1HSH9mT07TxLiUI3obsytXC o6w4uepg1+QPcx22EFiaF9pDsNndM4EKdeXdujdSsigaIRvkKi/uy3MUOPcamy3f ZvJ1DRBn+TIvm2oONS3Bot7P9miM/g/w7uWCC2f0a7H/c88XkKNAQDkp6tFgWGyt Q/6RO/jq2s+s0WsdhkG2QO6VEJM4O5Nwj/5EfeWnUATd/+z4OxS8SswpkiYT9JXR r22b1Ga/O3Z1qWOPWsmNQGOA8AmHFeHt3IzG5SCzTLPuyWW5/QNSAL90KhByEQbq XglEzeEGhhyCLep9Bbh5V9tmTGM8Glr2y4NPC/c/IN+04f/SKD+nVsoU0JmCpavM Bc5MsgUjoCcxgVnpa8I2o3QodLUo88HHSYUuu9AdVGxJ4nZj+oEjdb50miSzhEHK YyByP3G3JL6nOhTNjE43riE= =BTTv -----END PGP SIGNATURE-----