Owl Labs Security Hub

At Owl Labs we are committed to providing industry-leading and secure products and services to our customers. We welcome and encourage reports from external sources that are concerned with security. Owl Labs defines a security vulnerability as an unintended weakness in a product that could allow an attacker to compromise the integrity, availability, or confidentiality of our products.

Submit Report

If you believe you have uncovered a potential security vulnerability with any of Owl Labs’ products, software or systems, we look forward to receiving your report through our Bugcrowd platform directly, or by using the below submission form. Our dedicated team will investigate your report and contact you as soon as possible. We appreciate your help in disclosing the issue to us responsibly.

For other information:

Submit Report

Using the form below, you are about to submit a report to Owl Labs. Please provide all detailed information available about the potential issue you have discovered. The more information you provide, the quicker we will be able to validate the issue.

Owl Labs Security Protocol

  • The recommended patch level with security update is 6.3.

  • Owl Labs web applications use HTTPS with TLS 1.2 and above with key strength AES 256 SHA 256.

  • Owl Labs IOT devices use MQTT protocol and TLS 1.2 with encryption key minimum AES 128 SHA 256.

  • The over the air update package (OTA update) is encrypted using TLS 1.2 and key strength RSA 2048 SHA 256.

  • When connecting to the device through bluetooth connection, the desktop, mobile application and Device bluetooth uses app level encryption using AES256 GCM key.

  • Owl Connect uses WPA2 CCMP which is AES 128 encryption using Pre-Shared key (PSK) per each secondary device using 256 bits.

  • Owl Labs devices never record, collect, transmit or store any video or audio data from any meetings.

  • When connected to WiFi, the MQTT connection sends meeting-related device specific analytics to the AWS Cloud including length of meetings and number of meetings.

  • Owl Connect uses its own WiFi network to communicate between two or three Owl Labs devices. The WiFi network is a private network created among the Owl Labs devices. It does not use corporate WiFi to establish a wireless connection between Owl Labs devices. The protocol and keys are WPA2 CCMP which is AES 128 encryption using Pre-Shared Key (PSK ) per each secondary device using 256 bits.

  • All the public-facing sites and MQTT uses TLS 1.2 and AES keys. Which meets FIPS 140-2 FIPS Standards.