Customers will occasionally find security bugs in Apigee Edge (either Edge Cloud or Edge for Private Cloud). These bugs may be found by the customer during normal use of Edge or by their contracted testing firms. Customers are asked to report these bugs to Apigee through a standard support ticket. By opening a support ticket, the issue can be tracked, escalated, and resolved as appropriate.
Once customers submit a vulnerability report through the standard Apigee support process, the Support team will review the ticket and escalate to security and engineering teams as appropriate. Customers should expect a response in the ticket, although follow-up could come directly from Google security or engineering if more information is needed about the reported vulnerability.