Submission Process. Please submit all vulnerability reports to us by email at the email address ResponsibleDisclosure@bcg.com. In each report submitted, include:
a. a description of the vulnerability;
b. the URL, IP address, port, or other information that would assist us in locating the vulnerability;
c. detailed and clear steps to reproduce the issue (including logs, screenshots, responses, or other evidence) or proof of concept code;
d. how you found the issue;
e. presumed impact;
f. any remediation steps you would suggest; and
g. your name and contact details
On behalf of ourselves and our users and customers, thank you again for helping us improve our cybersecurity.
BCG reserves the right, in its sole discretion, to modify the terms of the Responsible Disclosure Guidelines or to terminate any or all of them at any time.