Security

GE Intelligent Platforms’ commitment to cybersecurity

Security is, and always will be, a top priority for GE Intelligent Platforms.  We work with customers, industry working groups and standards bodies, government agencies, and the security research community to continually improve the security of industrial control systems and global infrastructure.

As a provider of mission-critical technology, we are committed to providing reliable products to our customers and helping them deploy them securely within the industries they serve.

Product security advisories and patches

Security advisories for GE Intelligent Platforms products, including relevant security patches, can be found on the GE Intelligent Platforms Product Security Advisories support page.

To receive notifications about new GE Intelligent Platforms Security Advisories via email, please subscribe to the Auto-Notification Service.

Third-party patch validation

GE Intelligent Platforms regularly validates the compatibility of selected GE Intelligent Platforms products with third-party operating system security patches.  More information on this process can be found on the GE Intelligent Platforms Support website.

Report a product vulnerability or security concern

If you believe you have discovered a vulnerability in a GE Intelligent Platforms product, please contact security@ge.com. A GE Security Incident Response Team member will review and respond to your submission within 48 hours, depending on the severity of the concern. GE supports encrypted emails via PGP (GE’s public PGP key).  Please include the following details in your email:

• GE product name(s) and version(s).
• Description of the concern or vulnerability (e.g. privilege escalation, buffer overflow, SQL injection, cross-site scripting).
• Information to help our team replicate the issue (e.g. configuration details, a proof-of-concept, or exploit code).

In addition, customers can also call GE Intelligent Platforms Support for assistance with opening or escalating a case about a security vulnerability or other product security-related concern.

Product advisories provided here are subject to terms and conditions contained in customers’ underlying license agreements or other applicable agreements.  Due to ongoing product enhancements, GE reserves the right to change or update advisories without advance notification.

Submitting information on potential vulnerabilities does not create any rights on behalf of the submitting party or obligations on behalf of GE.  GE can use the information at its discretion.