Important lesson: if your company whitelabels a vendor solution, be sure to either exclude it from your bug bounty scope OR ensure your contract with the vendor allows your BB researchers to test it. Otherwise, you could be facilitating a CFAA violation.