Skip to main content Skip to navigation Skip to search

Leading the way to greener and smarter mobility, worldwide.

Our ambition is to accompany all transportation stakeholders in meeting tomorrow’s mobility challenges. We strive to provide them with the most efficient and digital mobility systems, while further improving the environmental friendliness of our solutions. 

Smart innovation for sustainable mobility

Follow us on

A comprehensive portfolio of mobility solutions

We offer a complete range of equipment and services, from high-speed trains, metros, trams and e-buses to integrated systems, customised services, infrastructure, signalling and digital mobility solutions.

Discover our solutions

Follow us on


Find the latest Alstom press releases and news, press kits, your regional press contacts and more!

Enter the newsroom

Follow us on

The one stop shop for all relevant information for investors and shareholders

Access our financial & share information, our financial calendar and results, regulated information, shareholders' meetings and investors' contacts & presentations.

See more

Follow us on

You know we make trains move. Discover how we move the world.

At Alstom, we value curious and innovative people who are passionate about working together to reinvent mobility, making it smarter and more sustainable. We are building an agile, inclusive, and responsible culture, where diverse people are offered opportunities to learn, grow and advance in their careers, with options across functions and geographies.

Learn more

Alstom recognises the need for effective cybersecurity programs to address our customers’ requirements for safe and secure Products, Solutions and Services and has established a Product Security Incident Response Team (PSIRT) to identify and address vulnerabilities in its Products, Solutions and Services.


This page describes Alstom’s approach for receiving reports related to potential cybersecurity vulnerabilities in its Products, Solutions and Services and Alstom’s standard practice for informing customers and other required stakeholders of verified vulnerabilities.

Alstom customers

If you are or represent a customer of Alstom, please report (or advise the customer to report) potential cybersecurity issues, including any vulnerabilities, to the Alstom contract representative / Project Manager, as identified and in accordance with the customer’s supply or service contract with Alstom to ensure the proper handling and processing of the potential issue.

Security researchers and other vulnerability finders

If you wish to report a potential cybersecurity vulnerability in an Alstom product and/or service, please provide the following information in the English language (if possible):

  • Your contact details
  • Product, Solution or Service concerned: name/designation, configuration.
  • Description of the vulnerability and its potential impact.
  • Description of how to reproduce the issue (proof-of-concept or exploit code).
  • Description of the conditions for the issue realisation.

Please send this information to the PSIRT e-mail address: 


In case of sensitive information, please provide your encrypted report using our PGP key below:

PGP Public Key and Fingerprint: 60EA 8A05 639E EAE3 8D7F D0D0 5691 53A2 A90C 80AD (answers can be signed with this key)

Please note that by submitting this information, you agree that:

  • You will refrain from disclosing publicly any information about the vulnerability until Alstom has explicitly agreed to do so.
  • You will not engage in any activities related to the discovered vulnerability that could affect Alstom’s customers or suppliers.
  • You have not infringed any law or regulation by communicating such information and related data to Alstom.
  • You will not take advantage of the security issue.
  • ALSTOM may use and distribute the information as required, and you agree that the submission does not create any rights for you or create any obligations for Alstom.

Please only include the information required for ALSTOM to review and handle any potential cybersecurity issue (e.g., a potential vulnerability or breach).  Any submitted personal information will be handled in accordance with our privacy notice. 

How Alstom responds to a confirmed vulnerability:

Alstom will acknowledge the receipt of the alleged vulnerability to the Reporting Party as soon as the information has been reviewed. Alstom will assess the information provided by the Reporting Party.

If the reported vulnerability is confirmed to be valid, Alstom shall assess such finding with the associated risks of the affected product(s) and service(s) and shall investigate the appropriate countermeasures and develop the necessary resolutions and strategies, including the appropriate steps to be taken with its affected customers and the relevant authorities, where required.

During this phase, we may communicate further with the Reporting Party for additional information.

The Reporting Party may, at Alstom discretion, be informed of the conclusions from such assessments.

Smart security for cybersecurity whitepaper

Cybersecurity: for safe & secure mobility

Read more