Bug Bounty Web List
What is the Bug Bounty Program ?
Bug Bounty program provides recognition and compensation to security researchers practicing responsible disclosure. Company started Bug Bounty programs for improve their security, Cyber security researchers are finding vulnerabilities on top websites and get rewarded.
Bug Bounty program provides recognition and compensation to security researchers practicing responsible disclosure. Company started Bug Bounty programs for improve their security, Cyber security researchers are finding vulnerabilities on top websites and get rewarded.
Reward Program
- Avast! - http://www.avast.com/bug-bounty
- Barracuda - http://barracudalabs.com/
- Coinbase - https://coinbase.com/whitehat
- Chromium Project - http://www.chromium.org/
- CrowdShield - https://crowdshield.com/
- Cryptocat - https://crypto.cat/bughunt/
- Facebook - http://www.facebook.com/whitehat/
- Etsy - http://www.etsy.com/help/article/2463
- Gallery - http://codex.gallery2.org/Bounties
- Ghostscript - http://ghostscript.com/Bug_bounty_program.html (Mostly software development, occasional security issues)
- Google - http://www.google.com/about/company/rewardprogram.html
- Hex-Rays - http://www.hex-rays.com/bugbounty.shtml
- IntegraXor (SCADA) - http://www.integraxor.com/blog/integraxor-hmi-scada-bug-bounty-program
- LaunchKey - https://launchkey.com/docs/whitehat
- Marktplaats - http://statisch.marktplaats.nl/help/
- Mega.co.nz - http://thenextweb.com/insider/2013/02/01/kim-dotcom-puts-up-13500-bounty-for-first-person-to-break-megas-security-system/
- Meraki - http://www.meraki.com/trust/#srp
- Microsoft - http://www.microsoft.com/security/msrc/report
- Mozilla - http://www.mozilla.org/security/bug-bounty.html
- Paypal - https://www.paypal.com/us/webapps/mpp/security/reporting-security-issues
- PikaPay - https://www.pikapay.com/pikapay-security-policy/
- Piwik - http://piwik.org/security/
- Ricebridge - http://www.ricebridge.com/bugs.htm (Only available to customers)
- Ripple - https://ripple.com/bug-bounty/
- Samsung - https://samsungtvbounty.com/
- Simple - https://www.simple.com/policies/website-security/
- Tarsnap - https://www.tarsnap.com/bugbounty.html
- Qiwi - https://www.qiwi.ru/page/hack.action
- Qmail - http://cr.yp.to/djbdns/guarantee.html
- Yandex - http://company.yandex.com/security/index.xml
- Zerobrane - http://notebook.kulchenko.com/zerobrane/zerobrane-studio-bug-bounty
Product & Services (Hall Of Fame Only)
- Acquia - https://www.acquia.com/how-report-security-issue
- ActiveProspect - http://activeprospect.com/activeprospect-security/
- Adobe - http://www.adobe.com/support/security/alertus.html
- Amazon.com (retail) - please email details to security@amazon.com
- Android Free Apps - http://www.androidfreeapp.net/security-researcher-acknowledgments/
- Apple - http://support.apple.com/kb/HT1318
- Blackberry - http://us.blackberry.com/business/topics/security/incident-response-team/collaborations.html
- Braintree - https://www.braintreepayments.com/developers/disclosure
- Card - https://www.card.com/responsible-disclosure-policy
- cPaperless - http://www.cpaperless.com/securitystatement.aspx
- Chargify - https://chargify.com/security/
- DiMartino Entertainment - http://moosikay.dimartinoentertainment.com/site/credits/
- eBay - http://pages.ebay.com/securitycenter
- EVE - http://community.eveonline.com/devblog.asp?a=blog&nbid=2384
- Evernote - http://evernote.com/security/
- Foursquare - https://foursquare.com/about/security
- Freelancer - http://www.freelancer.com/info/vulnerability-submission.php
- Future Of Enforcement - http://futureofenforcement.com/?page_id=695
- Gitlab - http://blog.gitlab.com/responsible-disclosure-policy/
- Gliph - https://gli.ph/s/security.html
- HakSecurity - http://haksecurity.com/special-thanks/
- Harmony - http://get.harmonyapp.com/security/
- Heroku - https://www.heroku.com/policy/security-hall-of-fame
- Iconfinder - http://support.iconfinder.com/customer/portal/articles/1217282-responsible-disclosure-of-security-vulnerabilities
- Kaneva - http://docs.kaneva.com/mediawiki/index.php/Bug_Bounty
- Kayako - https://my.kayako.com/
- Lastpass - https://lastpass.com/support_security.php
- Mahara - https://wiki.mahara.org/index.php
- MailChimp - http://mailchimp.com/about/security-response/
- Microsoft (Online Services) - http://technet.microsoft.com/en-us/security/cc308589
- Netflix - http://support.netflix.com/en/node/6657#gsc.tab=0
- Nokia - http://www.nokia.com/global/security/acknowledgements/
- Nokia Siemens Networks - http://www.nokiasiemensnetworks.com/about-us/responsible-disclosure
- Norada - http://norada.com/crm-software/security_response
- Owncloud - http://owncloud.org/about/security/hall-of-fame/
- Opera - https://bugs.opera.com/wizarddesktop/
- Oracle - http://:oracle.com/technetwork/topics/security
- Puppet Labs - https://puppetlabs.com/security/acknowledgments/
- RedHat - https://access.redhat.com/knowledge/articles/66234
- Risk.io - https://www.risk.io/security
- Security Net - http://www.securitynet.org/security-researcher-acknoledgments/
- Sellfy - https://sellfy.com/security/
- Spotify - https://www.spotify.com/us/about-us/contact/report-security-issues/
- Sprout Social - http://sproutsocial.com/responsible-disclosure-policy
- Telekom - http://www.telekom.com/corporate-responsibility/security/186450
- Thingomatic - http://thingomatic.org/security.html
- 37signals - https://37signals.com/security-response
- Tuenti - http://corporate.tuenti.com/en/dev/hall-of-fame
- Twilio - https://www.twilio.com/docs/security/disclosure
- Twitter - https://twitter.com/about/security
- WizeHive - http://www.wizehive.com/special_thanks.html
- Xmarks - https://buy.xmarks.com/security.php
- Zendesk - http://www.zendesk.com/company/responsible-disclosure-policy
- Zynga - http://company.zynga.com/security/whitehatsProduct & Services (No Reward)
- Amazon Web Services (AWS) - http://aws.amazon.com/security/vulnerability-reporting
- Apriva - http://www.apriva.com/security
- Authy - https://www.authy.com/security-issue
- Blackboard - http://www.blackboard.com/footer/security-policy.aspx
- Box - https://www.box.com/about-us/security/
- Cisco - http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html#roosfassv
- Cloudnetz - http://cloudnetz.com/Legal/vulnerability-testing-policy.html
- Contant Contact - http://www.constantcontact.com/about-constant-contact/security/report-vulnerability.jsp
- Coupa - http://trust.coupa.com/home/security/coupa-vulnerability-reporting-policy
- Drupal - https://drupal.org/security-team
- EMC2 - http://www.emc.com/contact-us/contact/product-security-response-center.htm
- Emptrust - http://www.emptrust.com/Security.aspx
- Heroku - https://www.heroku.com/policy/security-hall-of-fame
- HTC - http://www.htc.com/us/terms/product-security/
- Huawei - http://www.huawei.com/en/security/psirt/report-vulnerabilities/index.htm
- IBM - http://www-03.ibm.com/security/secure-engineering/report.html
- KPN - http://www.kpn.com/Privacy.htm#tabcontent3
- Lievensberg Hospital - http://www.lievensbergziekenhuis.nl/paginas/141-disclaimer.html
- LinkedIn - http://help.linkedin.com/app/answers/detail/a_id/37022
- Lookout - https://www.lookout.com/responsible-disclosure
- Millsap Independent School District - http://www.millsapisd.net/BugReport.cfm
- Modus CSR - http://www.moduscsr.com/security_statement.php
- PagerDuty - http://www.pagerduty.com/security/disclosure/
- Panzura - http://panzura.com/support/panzura-security-policy/
- Pidgin - http://pidgin.im/security/
- Plone - http://plone.org/products/plone/security/advisories
- Pop Group - http://www.popgroupglobal.com/security.php
- Reddit - http://code.reddit.com/wiki/help/whitehat
- Relaso - http://relaso.com/disclosure
- Salesforce - http://www.salesforce.com/company/privacy/security.jsp#vulnerability
- Simplify - http://simplify-llc.com/simplify-security.html
- Skoodat - http://www.skoodat.com/security
- Scorpion Software - http://www.scorpionsoft.com/company/disclosurepolicy/
- Square - https://squareup.com/security/levels
- Symantec - http://www.symantec.com/security/
- Team Unify - http://www.teamunify.com/__corp__/security.php
- Tele2 - http://www.tele2.nl/klantenservice/veiligheid/tele2-en-veiligheid.html
- T-Mobile (Netherlands) - http://www.t-mobile.nl/Global/media/pdf/privacy_statement_juni_2012.pdf
- UPC - http://www.upc.nl/internet/veilig_internet/beveiligingsproblemen/
- Viadeo - http://www.viadeo.com/aide/security/
- Vodafone (Netherlands) - http://over.vodafone.nl/vodafone-nederland/privacy-veiligheid/beveiliging-en-bescherming/wat-doet-vodafone/meld-een-beveilig
- VSR - http://www.vsecurity.com/company/disclosure
- X.commerce - http://www.x.com/security
- Xen - http://www.xen.org/projects/security_vulnerability_process.html
- Ziggo - https://www.ziggo.nl/#klantenservice/internet/risicos-op-internet/meldpunt-beveiligingslekken
Source: Bugcrowd
Bug Bounty Web List
Reviewed by Unknown
on
1/21/2015
Rating:
Reviewed by Unknown
on
1/21/2015
Rating:
No comments:
Post Your Comment Here Please