Security

GE encourages security personnel, researchers, GE customers, and the general public to report security concerns relating to GE products or services. This page describes how to submit your concern to GE and the information you should include to help us better understand and respond to your report.

HOW TO REPORT A SECURITY CONCERN OR VULNERABILITY TO GE

Email the risk, threat, vulnerability, or concern information to . If necessary, please use GE’s public key to encrypt your email.

A GE Security Incident Response Team member will review and respond to your submission (typically within 48 hours, depending on the severity of the concern).

WHAT TO INCLUDE IN YOUR REPORT

• Information that pertains to the disclosure, degradation, or denial of GE information.

• GE product name(s) and version(s).
• Description of the concern or vulnerability (e.g. privilege escalation, buffer overflow, SQL injection, cross-site scripting).
• Information to help our team replicate the issue (e.g. configuration details, a proof-of-concept, or exploit code).