What is the Bug Bounty Program?

Bug Bounty program provides recognition and compensation to security researchers practicing responsible disclosure. Company started Bug Bounty programs for improve their security. The Cyber security researchers are finding vulnerabilities on top websites and get rewarded.

Here are following Bug Bounty Web List.

Reward Programs

AT&T – http://developer.att.com/developer/apiDetailPage.jsp?passedItemId=10700235

(To submit you need to sign up to the free Developer API program)

Airtable – https://staging.airtable.com/security#responsible-disclosure

Algolia – https://hackerone.com/algolia

Alibaba – https://security.alibaba.com

Avast! – http://www.avast.com/bug-bounty

Barracuda – http://barracudalabs.com/

Badoo – http://corp.badoo.com/security

Brave – brave.com , mail to security@brave.com

Coinbase – https://coinbase.com/whitehat

Chromium Project – http://www.chromium.org/

CrowdShield – https://crowdshield.com/

Cryptocat – https://crypto.cat/bughunt/

Facebook – http://www.facebook.com/whitehat/

Etsy – http://www.etsy.com/help/article/2463

Gallery – http://codex.gallery2.org/Bounties

Ghostscript – http://ghostscript.com/Bug_bounty_program.html (Mostly software development, occasional security issues)

Google – http://www.google.com/about/company/rewardprogram.html

Hex-Rays – http://www.hex-rays.com/bugbounty.shtml

IntegraXor (SCADA) – http://www.integraxor.com/blog/integraxor-hmi-scada-bug-bounty-program

LaunchKey – https://launchkey.com/docs/whitehat

LiveAgent – https://www.ladesk.com/bug-bounty-program/

Marktplaats – http://statisch.marktplaats.nl/help/

Mega.co.nz – http://thenextweb.com/insider/2013/02/01/kim-dotcom-puts-up-13500-bounty-for-first-person-to-break-megas-security-system/

Meraki – http://www.meraki.com/trust/#srp

Microsoft – http://www.microsoft.com/security/msrc/report

Monet- https://monet.network/

Mozilla – http://www.mozilla.org/security/bug-bounty.html

Paypal – https://www.paypal.com/us/webapps/mpp/security/reporting-security-issues

PikaPay – https://www.pikapay.com/pikapay-security-policy/

Piwik – http://piwik.org/security/

Post Affiliate Pro – https://www.postaffiliatepro.com/post-affiliate-pro-bug-bounty-program

Recargapay – recargapay.com.br Mail to infosec@recargapay.com

Ricebridge – http://www.ricebridge.com/bugs.htm (Only available to customers)

Ripple – https://ripple.com/bug-bounty/

Samsung – https://samsungtvbounty.com/

Simple – https://www.simple.com/policies/website-security/

Tarsnap – https://www.tarsnap.com/bugbounty.html

Qiwi – https://www.qiwi.ru/page/hack.action

Qmail – http://cr.yp.to/djbdns/guarantee.html

Yandex – http://company.yandex.com/security/index.xml

Zerobrane – http://notebook.kulchenko.com/zerobrane/zerobrane-studio-bug-bounty

Product and Services (Hall Of Fame Only)

Acquia – https://www.acquia.com/how-report-security-issue

ActiveProspect – http://activeprospect.com/activeprospect-security/

Adobe – http://www.adobe.com/support/security/alertus.html

Amazon.com (retail) – please email details to security@amazon.com

Android Free Apps – http://www.androidfreeapp.net/security-researcher-acknowledgments/

Apple – http://support.apple.com/kb/HT1318

Blackberry – http://us.blackberry.com/business/topics/security/incident-response-team/collaborations.html

Braintree – https://www.braintreepayments.com/developers/disclosure

Card – https://www.card.com/responsible-disclosure-policy

cPaperless – http://www.cpaperless.com/securitystatement.aspx

Chargify – https://chargify.com/security/

DiMartino Entertainment – http://moosikay.dimartinoentertainment.com/site/credits/

eBay – http://pages.ebay.com/securitycenter

EVE – http://community.eveonline.com/devblog.asp?a=blog&nbid=2384

Evernote – http://evernote.com/security/

Foursquare – https://foursquare.com/about/security

Freelancer – http://www.freelancer.com/info/vulnerability-submission.php

Future Of Enforcement – http://futureofenforcement.com/?page_id=695

Gitlab – http://blog.gitlab.com/responsible-disclosure-policy/

Gliph – https://gli.ph/s/security.html

HakSecurity – http://haksecurity.com/special-thanks/

Harmony – http://get.harmonyapp.com/security/

Heroku – https://www.heroku.com/policy/security-hall-of-fame

Iconfinder – http://support.iconfinder.com/customer/portal/articles/1217282-responsible-disclosure-of-security-vulnerabilities

Kaneva – http://docs.kaneva.com/mediawiki/index.php/Bug_Bounty

Kayako – https://my.kayako.com/

Lastpass – https://lastpass.com/support_security.php

Mahara – https://wiki.mahara.org/index.php

MailChimp – http://mailchimp.com/about/security-response/

Microsoft (Online Services) – http://technet.microsoft.com/en-us/security/cc308589

Netflix – http://support.netflix.com/en/node/6657#gsc.tab=0

Nokia – http://www.nokia.com/global/security/acknowledgements/

Nokia Siemens Networks – http://www.nokiasiemensnetworks.com/about-us/responsible-disclosure

Norada – http://norada.com/crm-software/security_response

Owncloud – http://owncloud.org/about/security/hall-of-fame/

Opera – https://bugs.opera.com/wizarddesktop/

Oracle – http://:oracle.com/technetwork/topics/security

Puppet Labs – https://puppetlabs.com/security/acknowledgments/

RedHat – https://access.redhat.com/knowledge/articles/66234

Risk.io – https://www.risk.io/security

Security Net – http://www.securitynet.org/security-researcher-acknoledgments/

Sellfy – https://sellfy.com/security/

Spotify – https://www.spotify.com/us/about-us/contact/report-security-issues/

Sprout Social – http://sproutsocial.com/responsible-disclosure-policy

Telekom – http://www.telekom.com/corporate-responsibility/security/186450

Thingomatic – http://thingomatic.org/security.html

37signals – https://37signals.com/security-response

Tuenti – http://corporate.tuenti.com/en/dev/hall-of-fame

Twilio – https://www.twilio.com/docs/security/disclosure

Twitter – https://twitter.com/about/security

WizeHive – http://www.wizehive.com/special_thanks.html

Xmarks – https://buy.xmarks.com/security.php

Zendesk – http://www.zendesk.com/company/responsible-disclosure-policy

Zynga – http://company.zynga.com/security/whitehats

Product & Services (No Reward)

Amazon Web Services (AWS) – http://aws.amazon.com/security/vulnerability-reporting

Apriva – http://www.apriva.com/security

Authy – https://www.authy.com/security-issue

Blackboard – http://www.blackboard.com/footer/security-policy.aspx

Box – https://www.box.com/about-us/security/

Cisco – http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

Cloudnetz – http://cloudnetz.com/Legal/vulnerability-testing-policy.html

Contant Contact – http://www.constantcontact.com/about-constant-contact/security/report-vulnerability.jsp

Coupa – http://trust.coupa.com/home/security/coupa-vulnerability-reporting-policy

Drupal – https://drupal.org/security-team

EMC2 – http://www.emc.com/contact-us/contact/product-security-response-center.htm

Emptrust – http://www.emptrust.com/Security.aspx

Heroku – https://www.heroku.com/policy/security-hall-of-fame

HTC – http://www.htc.com/us/terms/product-security/

Huawei – http://www.huawei.com/en/security/psirt/report-vulnerabilities/index.htm

IBM – http://www-03.ibm.com/security/secure-engineering/report.html

KPN – http://www.kpn.com/Privacy.htm#tabcontent3

Lievensberg Hospital – http://www.lievensbergziekenhuis.nl/paginas/141-disclaimer.html

LinkedIn – http://help.linkedin.com/app/answers/detail/a_id/37022

Lookout – https://www.lookout.com/responsible-disclosure

Millsap Independent School District – http://www.millsapisd.net/BugReport.cfm

Modus CSR – http://www.moduscsr.com/security_statement.php

PagerDuty – http://www.pagerduty.com/security/disclosure/

Panzura – http://panzura.com/support/panzura-security-policy/

Pidgin – http://pidgin.im/security/

Plone – http://plone.org/products/plone/security/advisories

Pop Group – http://www.popgroupglobal.com/security.php

Reddit – http://code.reddit.com/wiki/help/whitehat

Relaso – http://relaso.com/disclosure

Salesforce – http://www.salesforce.com/company/privacy/security.jsp#vulnerability

Simplify – http://simplify-llc.com/simplify-security.html

Skoodat – http://www.skoodat.com/security

Scorpion Software – http://www.scorpionsoft.com/company/disclosurepolicy/

Square – https://squareup.com/security/levels

Symantec – http://www.symantec.com/security/

Team Unify – http://www.teamunify.com/__corp__/security.php

Tele2 – http://www.tele2.nl/klantenservice/veiligheid/tele2-en-veiligheid.html

T-Mobile (Netherlands) – http://www.t-mobile.nl/Global/media/pdf/privacy_statement_juni_2012.pdf

UPC – http://www.upc.nl/internet/veilig_internet/beveiligingsproblemen/

Viadeo – http://www.viadeo.com/aide/security/

Vodafone (Netherlands) – http://over.vodafone.nl/vodafone-nederland/privacy-veiligheid/beveiliging-en-bescherming/wat-doet-vodafone/meld-een-beveilig

VSR – http://www.vsecurity.com/company/disclosure

X.commerce – http://www.x.com/security

Xen – http://www.xen.org/projects/security_vulnerability_process.html

Ziggo – https://www.ziggo.nl/#klantenservice/internet/risicos-op-internet/meldpunt-beveiligingslekken

Mohammad Shahrouf

Header Ads

Bug Bounty Web List

What is the Bug Bounty Program?

Here are following Bug Bounty Web List.

Reward Programs

Product and Services (Hall Of Fame Only)

Product & Services (No Reward)

Post a Comment

কোন মন্তব্য নেই

Random Posts

Facebook

Follow Us

Popular Posts

Sponsor

Categories

Blog Archive

Comments

Random Posts

Recent Posts

Popular Posts

Mohammad Shahrouf

Header Ads

Bug Bounty Web List

What is the Bug Bounty Program?

Here are following Bug Bounty Web List.

Reward Programs

Product and Services (Hall Of Fame Only)

Product & Services (No Reward)

Related Posts

Post a Comment

কোন মন্তব্য নেই

Random Posts

Facebook

Follow Us

Popular Posts

Sponsor

Categories

Blog Archive

Comments

Random Posts

Recent Posts

Popular Posts