Security Disclosure
Responsible Vulnerability Disclosure Program
Our Commitment
10G Telecom India takes the security of our network, customer data, and infrastructure with the utmost seriousness. We are committed to working with the security research community to identify and address vulnerabilities responsibly. We appreciate and recognize the important role that ethical security researchers play in keeping our infrastructure secure.
Scope
Our disclosure program covers vulnerabilities in 10G Telecom customer portals, network management systems, and public-facing infrastructure. This includes: authentication bypasses, data exposure vulnerabilities, remote code execution, SQL injection, cross-site scripting, and privilege escalation in our systems.
Reporting a Vulnerability
To report a security vulnerability, email our Security Operations Center at security@10gtelecom.com. Please encrypt sensitive reports using our PGP key (available on request). Include a clear description of the vulnerability, steps to reproduce, potential impact, and any proof-of-concept code.
Our Response Process
We commit to acknowledging your report within 24 hours. Our security team will investigate and provide an initial assessment within 5 business days. We will keep you informed of our progress and notify you when the vulnerability is resolved. We aim to resolve critical vulnerabilities within 7 days and high-severity issues within 30 days.
Safe Harbor
If you act in good faith, avoid privacy violations, data destruction, or service disruption, and only access accounts you own or have explicit permission to test, we will not pursue legal action against you. We ask that you do not disclose vulnerabilities publicly until we have had a reasonable opportunity to address them (90-day coordinated disclosure).
Recognition
We maintain a Hall of Fame for security researchers who responsibly disclose vulnerabilities. Exceptional reports may be eligible for our security bug bounty program. Contact security@10gtelecom.com for bounty eligibility details.