Skip to main content

Security

GE  encourages security personnel, researchers, GE customers, and the general public to report security concerns relating to GE products or services. This page describes how to submit your concern to GE and the information you should include to help us better understand and respond to your report.

HOW TO REPORT A SECURITY CONCERN OR VULNERABILITY TO GE

Email the risk, threat, vulnerability, or concern information to security@ge.com.  If necessary, please use GE’s public PGP key to encrypt your email.

A GE Security Incident Response Team member will review and respond to your submission (typically within 48 hours, depending on the severity of the concern).

WHAT TO INCLUDE IN YOUR REPORT

If you believe that GE data or systems have been compromised, please include the following details in your email:

  • Information that pertains to the disclosure, degradation, or denial of GE information.

If you believe you have discovered a vulnerability in a GE product, please include the following details in your email:

  • GE product name(s) and version(s).
  • Description of the concern or vulnerability (e.g. privilege escalation, buffer overflow, SQL injection, cross-site scripting).
  • Information to help our team replicate the issue (e.g. configuration details, a proof-of-concept, or exploit code).
Printer Friendly and PDF