Welcome to Egencia's Responsible Disclosure Page
Get Started

Responsible Disclosure Policy

ResponsibleDisclosure.com (operated by an independent third party, Synack, on behalf of Egencia).

This page is for security researchers interested in reporting application security vulnerabilities. This is intended for application security vulnerabilities only.

The details within your request form will be submitted to Synack. If you have reported an issue determined to be within program scope and to be a valid security issue, Synack will validate your finding and you will be allowed to disclose the vulnerability after a fix has been issued. This process is managed exclusively by Synack through their platform, accordingly you must accept the Synack terms of service if you wish to proceed. All queries are to be directed to Synack and managed exclusively through the ResponsibleDisclosure.com online portal.

For a full overview and listing of Egencia VDP program scope, please visit the Egencia Vulnerability Disclosure Policy page. For inquiries on scope or Egencia’s Vulnerability Disclosure Policy, please contact egencia@responsibledisclosure.com .

Responsible Disclosure Guidelines

Researchers must follow the testing guidelines outlined in Egencia's VDP, as well as the guidelines below (excerpted from the Synack ROE page and not covered by Egencia VDP):

All users of our online services are subject to our Privacy Statement and agree to be bound by our Terms of Service. © 2024 GBT Travel Services UK Limited. GBT Travel Services UK Limited (GBT UK) and its authorized sublicensees (including Ovation Travel Group and Egencia) use certain trademarks and service marks of American Express Company or its subsidiaries (American Express) in the “American Express Global Business Travel” and “American Express GBT Meetings & Events” brands and in connection with its business for permitted uses only under a limited license from American Express (Licensed Marks). The Licensed Marks are trademarks or service marks of, and the property of, American Express. GBT UK is a subsidiary of Global Business Travel Group, Inc. (NYSE: GBTG). American Express holds a minority interest in GBTG, which operates as a separate company from American Express.