PSTI Compliance Information
Information on How to Report Security Issues
Protecting our customers from security threats is a top priority for nami. As a provider of IoT sensing products, we are committed to delivering secure and reliable products and services, while safeguarding the privacy and security of user data.
We welcome and encourage responsible disclosure of any potential security vulnerabilities or privacy concerns. All reports will be handled in accordance with our established processes, and we will provide timely feedback to reporters.
Reporting Vulnerabilities to nami
We strongly encourage individuals and organizations to report potential security or privacy vulnerabilities to nami’s security team.
To report a vulnerability, please email security@nami.ai
Please include the following information:
- Product model and version
- Software/firmware version
- Detailed description of the vulnerability
- Steps to reproduce (if available)
We aim to acknowledge receipt of reports within 5 working days.
Additional information may be requested to support validation and remediation.
Responsible Disclosure Guidelines
We ask that all reporters adhere to the following principles:
- Comply with all applicable laws and regulations in your jurisdiction.
- Test vulnerabilities only on the latest publicly available firmware versions.
- Submit reports through the designated communication channel (security@nami.ai). Reports submitted via other channels may not be acknowledged.
- Respect user privacy and data protection at all times. Do not access, modify, or delete data that does not belong to you.
- Maintain confidentiality and avoid public disclosure until a coordinated disclosure timeline is agreed.
- nami does not currently operate a vulnerability reward or bug bounty program.
How nami Handles Vulnerabilities
nami actively encourages vulnerability reporting from customers, researchers, and the wider security community. We also monitor public sources such as vulnerability databases and security advisories.
- Reports are typically acknowledged within 5 business days
- Our security team will assess validity, severity, and impact
- We may contact reporters for additional details
Once confirmed:
- A remediation plan will be developed
- Fixes will be delivered via updates or mitigations
We aim to resolve vulnerabilities within 90 days, although complex issues may require additional time.
Security Advisories
nami will publish a security advisory when appropriate, including but not limited to:
- When a vulnerability is assessed as critical and remediation is available
- When there is evidence of active exploitation
- When disclosure is necessary to protect customers or maintain transparency
Advisories may include mitigation guidance, firmware updates, or temporary workarounds.
Information on Minimum Security Update Periods
In accordance with applicable product security requirements, nami provides security updates for a defined minimum support period.
Support Commitment:
nami products receive security updates for a minimum of 2 years from the product availability date.
⚠️ This information is subject to periodic review and may be updated.
Supported Products
| Model | Product Type | Availability Date |
|---|---|---|
| NSB300 | Alarm Pod | 1 Jan 2025 |
| NSB301 | Alarm Pod | 1 Jan 2026 |
| NSB302 | SensePod | 1 Apr 2026 |
| NSP300A | SensePlug | 1 Jan 2026 |
| NSP300B | SensePlug | 1 Jan 2025 |
| NSP300E | SensePlug | 1 Jan 2025 |
| NSP300F | SensePlug | 1 Jan 2025 |
| NSP300G | SensePlug | 1 Jan 2025 |
| NSA300 | Door Sensor | 1 Jan 2025 |
| NSA302 | PIR Motion Sensor | 1 Jul 2025 |
| NSA301 | Keypad | 1 Jan 2026 |
