A Data Exfiltration Attack Scenario: The Porsche Experience

As part of Checkmarx's mission to help organizations develop and deploy secure software, the Security Research team started looking at the security posture of major car manufacturers. Porsche has a well-established Vulnerability Reporting Policy (Disclosure Policy)[1], it was considered in scope for our research, so we decided to start there, and see what we could find.
What we found is an

attack car car manufacturers checkmarx data data exfiltration deploy disclosure exfiltration experience major mission organizations policy porsche posture reporting research scenario scope secure software security security posture security research software start team vulnerability vulnerability reporting