Permalink
Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.
Sign up
Fetching contributors…
Cannot retrieve contributors at this time.
Cannot retrieve contributors at this time
| program_name | policy_url | submission_url | launch_date | bug_bounty | swag | hall_of_fame | safe_harbor | |
|---|---|---|---|---|---|---|---|---|
| (ISC)2 | https://bugcrowd.com/isc2 | https://bugcrowd.com/isc2/report | FALSE | FALSE | TRUE | |||
| .nz Registry | https://registry.internetnz.nz/about/vulnerability-disclosure-policy/ | security@internetnz.net.nz | FALSE | FALSE | TRUE | partial | ||
| 0x Project | https://blog.0xproject.com/announcing-the-0x-protocol-bug-bounty-b0559d2738c | team@0xproject.com | TRUE | FALSE | FALSE | |||
| 123 Contact Form | http://www.123contactform.com/security-acknowledgements.htm | https://www.123formbuilder.com/contactus.html | FALSE | FALSE | TRUE | |||
| 18F | https://18f.gsa.gov/vulnerability-disclosure-policy/ | tts-vulnerability-reports@gsa.gov | FALSE | FALSE | FALSE | full | ||
| 1Password Game | https://bugcrowd.com/agilebits | https://bugcrowd.com/agilebits/report | TRUE | FALSE | TRUE | |||
| 21 Century Fox | https://www.21cf.com/responsible-vulnerability-disclosure-policy/ | disclosures@21cf.com | FALSE | FALSE | FALSE | partial | ||
| 23andme | https://www.23andme.com/security-report/ | https://www.23andme.com/security-report/ | TRUE | FALSE | FALSE | |||
| 4chan | https://www.4chan.org/security | security@4chan.org | FALSE | TRUE | TRUE | |||
| 98 Point 6 | https://www.98point6.com/responsible-disclosure-policy/ | security@98point6.com | FALSE | FALSE | TRUE | partial | ||
| ABNAMRO BANK | http://personal.rbs.co.uk/personal/security-centre/responsible-disclosure.html | security.disclosures@rbs.co.uk | FALSE | FALSE | TRUE | |||
| AOL | https://contact.security.aol.com/ | secvuln@teamaol.com | FALSE | FALSE | TRUE | |||
| ARK Ecosystem | https://bugcrowd.com/arkecosystem | https://bugcrowd.com/arkecosystem/report | TRUE | FALSE | TRUE | |||
| ARM mBed | https://tls.mbed.org/c-library-bug-bounty-program | Support.mbedtls@arm.com | TRUE | FALSE | TRUE | |||
| ASN Bank | https://www.devolksbank.nl/veiligheid.html | responsible-disclosure@devolksbank.nl | FALSE | FALSE | FALSE | |||
| AT&T | https://bugbounty.att.com/ | https://bugbounty.att.com/bugform.php | TRUE | FALSE | TRUE | |||
| Abacus | https://bugcrowd.com/abacus | https://bugcrowd.com/abacus/report | FALSE | FALSE | TRUE | |||
| Abbott | https://www.abbott.com/policies/cybersecurity/cybersecurity-coordinated-product-disclosure.html | cybersecurity@abbott.com | FALSE | FALSE | FALSE | |||
| Abn Amro | https://www.abnamro.com/en/footer/responsible-disclosure.html | responsible.disclosure@nl.abnamro.com | TRUE | FALSE | FALSE | partial | ||
| Accenture | https://www.accenture.com/us-en/company-accenture-responsible-disclosure | Res.Disclosure@accenture.com | FALSE | FALSE | FALSE | partial | ||
| Accredible | https://www.accredible.com/white_hat/ | security@accredible.com | TRUE | FALSE | FALSE | |||
| Acorns LLC | https://bugcrowd.com/acorns | https://bugcrowd.com/acorns/report | TRUE | FALSE | TRUE | full | ||
| Acquia | https://www.acquia.com/how-report-security-issue | security@acquia.com | FALSE | FALSE | TRUE | |||
| Actility | https://www.actility.com/company/security/ | http://app.yogosha.com/ | TRUE | FALSE | FALSE | |||
| ActiveProspect | https://activeprospect.com/security/ | security@activeprospect.com | FALSE | FALSE | TRUE | partial | ||
| Activpn | https://activpn.com/en/security | https://bugcrowd.com/activpn/report | FALSE | FALSE | TRUE | |||
| Adobe | https://helpx.adobe.com/security/alertus.html | PSIRT@adobe.com | FALSE | FALSE | TRUE | |||
| Aerohive | http://www.aerohive.com/support/security-center | security@aerohive.com | FALSE | FALSE | FALSE | |||
| Aeternity | https://hackerone.com/aeternity | TRUE | FALSE | TRUE | full | |||
| Affiliate Coin | https://www.affiliatecoin.io/en/bounty | contact@affiliatecoin.io | TRUE | FALSE | FALSE | |||
| AgileBits | https://bugcrowd.com/agilebits | https://bugcrowd.com/agilebits/report | TRUE | FALSE | TRUE | |||
| Aion | https://aion.network/terms-bounty/ | secure@Aion.network | TRUE | FALSE | FALSE | |||
| Air Miles | https://www.airmiles.nl/responsible-disclosure | security.privacy@airmiles.nl | TRUE | FALSE | FALSE | |||
| Air Miles Shop | https://www.airmilesshop.nl/responsible-disclosure | klantenservice@airmilesshop.nl | FALSE | TRUE | TRUE | partial | ||
| Airbnb | https://www.airbnb.com/security | https://hackerone.com/airbnb/ | TRUE | FALSE | TRUE | |||
| Airforce Mining | https://airforcemining.com/bounty | https://goo.gl/forms/b5lDTna3Gh8KYvFn1 | TRUE | FALSE | FALSE | |||
| Airtable | https://airtable.com/security | security@airtable.com | TRUE | FALSE | FALSE | |||
| Albert Heijn | https://www.ah.nl/kwetsbaarheid-melden | ad.itsecurity.group@aholddelhaize.com | TRUE | TRUE | TRUE | |||
| Alcatel Lucent | https://www.al-enterprise.com/en/support/security-advisories | psirt@al-enterprise.com | FALSE | FALSE | FALSE | |||
| Alcyon | http://www.alcyon.nl/responsible-disclosure/ | security@alcyon.nl | FALSE | TRUE | FALSE | |||
| Algolia | https://www.algolia.com/security | https://hackerone.com/algolia | TRUE | FALSE | TRUE | |||
| Algorand | https://bugcrowd.com/algorand | https://bugcrowd.com/algorand/report | TRUE | FALSE | TRUE | full | ||
| Alibaba | https://security.alibaba.com/ | security@service.alibaba.com | TRUE | FALSE | TRUE | partial | ||
| Alienvault | https://www.alienvault.com/documentation/usm-appliance/system-overview/how-to-submit-a-security-issue-to-alienvault.htm | https://hackerone.com/alienvault_security | FALSE | FALSE | TRUE | |||
| Aliexpress | https://security.alibaba.com/ | security@service.alibaba.com | TRUE | FALSE | TRUE | partial | ||
| Altervista | https://en.altervista.org/feedback.php?who=feedback | https://en.altervista.org/feedback.php?who=feedback | FALSE | FALSE | TRUE | |||
| Altilly | https://www.altilly.com/page/security | https://www.altilly.com/page/security | TRUE | FALSE | FALSE | |||
| Amara | http://amara.org/en/security | security@amara.org | FALSE | FALSE | TRUE | |||
| Amazon | http://www.amazon.com/gp/help/customer/display.html/ref=hp_left_v4_sib?ie=UTF8&nodeId=201182150 | http://www.amazon.com/gp/help/customer/display.html/ref=hp_left_v4_sib?ie=UTF8&nodeId=201182150 | FALSE | FALSE | FALSE | |||
| Amazon Web Services | http://aws.amazon.com/security/vulnerability-reporting | aws-security@amazon.com | FALSE | FALSE | FALSE | |||
| American Express | https://www.americanexpress.com/us/security-center/responsible-disclosure-policy/ | responsible.disclosure@aexp.com | FALSE | FALSE | FALSE | |||
| Ancientbrain | https://ancientbrain.com/bugs.php | bugs@ancientbrain.com | TRUE | FALSE | FALSE | |||
| Android | https://www.google.com/about/appsecurity/android-rewards/ | https://www.google.com/appserve/security-bugs/m2/new | TRUE | FALSE | TRUE | |||
| Apache | https://www.apache.org/security/ | security@apache.org | TRUE | FALSE | FALSE | |||
| Apache (Bug Bounty) | https://hackerone.com/ibb-apache | TRUE | FALSE | TRUE | ||||
| Apache httpd | https://www.apache.org/security/ | security@apache.org | TRUE | FALSE | TRUE | |||
| Apparmor | https://www.apparmor.com/About/Security/Disclosure/ | support@apparmor.com | FALSE | FALSE | FALSE | |||
| Appcelerator | https://www.appcelerator.com/privacy/responsible-disclosure-of-security-vulnerabilities/ | appc.support@axway.com | FALSE | FALSE | TRUE | |||
| Apple | https://developer.apple.com/bug-reporting/ | https://bugreport.apple.com/ | FALSE | FALSE | TRUE | |||
| Appoptics | https://www.appoptics.com/security | psirt@solarwinds.com | FALSE | FALSE | FALSE | |||
| Apptentive | https://www.apptentive.com/contact | https://www.apptentive.com/about/contact-us/ | FALSE | FALSE | FALSE | |||
| Aptible | https://www.aptible.com/legal/responsible-disclosure/ | security@aptible.com | FALSE | FALSE | FALSE | |||
| Aragon | https://blog.aragon.org/aragon-token-sale-bug-bounty-a15d192902e9/ | security@aragon.one | TRUE | FALSE | FALSE | |||
| Arduino | https://www.arduino.cc/en/Main/Security | security@arduino.cc | FALSE | FALSE | FALSE | partial | ||
| Ark | https://blog.ark.io/ark-github-development-bounty-113806ae9ffe | security@ark.io | TRUE | FALSE | FALSE | |||
| Arkadiyt Projects | https://hackerone.com/arkadiyt-projects | FALSE | FALSE | TRUE | full | |||
| Arkose Labs | https://bugcrowd.com/arkose-labs | https://bugcrowd.com/arkose-labs/report | TRUE | FALSE | TRUE | |||
| Arlo - Cash Rewards Program | https://bugcrowd.com/arlo | https://bugcrowd.com/arlo/report | TRUE | FALSE | TRUE | |||
| Arlo - Kudos Program | https://bugcrowd.com/arlokudos | https://bugcrowd.com/arlokudos/report | FALSE | FALSE | TRUE | |||
| Artsy | https://www.artsy.net/security | security@artsy.net | TRUE | FALSE | FALSE | |||
| Asana | https://asana.com/bounty | security@asana.com | TRUE | FALSE | FALSE | |||
| Aspen | https://hackerone.com/aspen | FALSE | FALSE | TRUE | ||||
| Assuring Medical Apps | https://assuringapps.com/en/responsible-disclosure/ | https://assuringapps.com/en/contact-us/ | TRUE | FALSE | FALSE | partial | ||
| Asterisk | https://wiki.asterisk.org/wiki/display/AST/Asterisk+Bug+Bounties | http://lists.digium.com/mailman/listinfo/asterisk-dev | TRUE | FALSE | FALSE | |||
| Atlassian | https://bugcrowd.com/atlassian | https://bugcrowd.com/atlassian/report | TRUE | FALSE | TRUE | full | ||
| Atlassian - Opsgenie | https://bugcrowd.com/opsgenie | https://bugcrowd.com/opsgenie/report | TRUE | FALSE | TRUE | full | ||
| Augur | https://www.augur.net/bounty/ | bounty@augur.net | TRUE | FALSE | FALSE | partial | ||
| Augur Project | https://www.augur.net/bounty/ | https://hackerone.com/augurproject | TRUE | FALSE | TRUE | full | ||
| Australian Postal Corporation | https://auspost.com.au/about-us/about-our-site/responsible-disclosure | security@auspost.com.au | FALSE | FALSE | TRUE | |||
| Auth0 | https://auth0.com/responsible-disclosure-policy/ | https://auth0.com/responsible-disclosure-policy/ | FALSE | FALSE | TRUE | partial | ||
| Autodesk | https://www.autodesk.com/trust/incident-response | https://www.autodesk.com/trust/report-an-issue | FALSE | FALSE | FALSE | |||
| Automattic | http://automattic.com/security/ | https://hackerone.com/automattic | FALSE | FALSE | TRUE | |||
| Avalara | https://www.avalara.com/us/en/legal/responsible-disclosure.html | information.security@avalara.com | FALSE | FALSE | TRUE | |||
| Avast! | http://www.avast.com/bug-bounty | bugs@avast.com | TRUE | FALSE | FALSE | |||
| Avira | https://www.avira.com/en/support-vulnerability | vulnerabilities@avira.com | TRUE | FALSE | TRUE | |||
| Avito | https://hackerone.com/avito | FALSE | FALSE | TRUE | ||||
| Ayden | https://support.adyen.com/hc/en-us/articles/115001187330-How-do-I-report-a-possible-security-issue-to-Adyen- | https://support.adyen.com/hc/en-us/requests/new | FALSE | FALSE | FALSE | |||
| Ayers Rock Resort | https://www.ayersrockresort.com.au/terms-and-conditions/security | vulnerability@voyages.com.au | FALSE | FALSE | TRUE | partial | ||
| BASF | https://www.basf.com/global/en/legal/responsible-disclosure-statement.html | securemail@basf.com | FALSE | TRUE | TRUE | |||
| BBC | https://www.bbc.com/backstage/security-disclosure-policy/ | mailo:security@bbc.co.uk | FALSE | FALSE | TRUE | partial | ||
| BD | https://www.bd.com/en-us/support/product-security-and-privacy/ | productsecurity@bd.com | FALSE | FALSE | FALSE | |||
| BMW | https://www.bmwgroup.com/en/general/Security.html | report-vulnerabilities@bmwgroup.com | FALSE | FALSE | TRUE | |||
| BTX Trader | https://www.btxtrader.com/bugbounty.html#/bugbounty | security@btxtrader.com | FALSE | FALSE | FALSE | |||
| Backblaze | https://hackerone.com/backblaze | https://hackerone.com/backblaze | TRUE | FALSE | TRUE | |||
| Badoo | http://corp.badoo.com/security | https://hackerone.com/badoo | TRUE | FALSE | TRUE | |||
| Barracuda Networks | https://bugcrowd.com/barracuda | https://bugcrowd.com/barracuda/report | FALSE | FALSE | TRUE | |||
| Base | https://getbase.com/security/ | https://bugbounty.getbase.com/ | FALSE | FALSE | TRUE | |||
| Basecamp | https://basecamp.com/about/policies/security/response | security@basecamp.com | FALSE | FALSE | TRUE | |||
| Basware | https://www.basware.com/en-us/responsible-disclosure | secure@basware.com | FALSE | FALSE | FALSE | |||
| Beanstalk | http://support.beanstalkapp.com/customer/portal/articles/1317175-responsible-disclosure-policy | https://wildbit.wufoo.com/forms/wildbit-security-response/ | FALSE | FALSE | FALSE | |||
| Belgium Telenet | http://binaries.telenet.be/onlinesupport/pdf/responsible_disclosure_policy_en.pdf | https://www.intigriti.com/public/company/telenet | FALSE | FALSE | FALSE | partial | ||
| Better | https://bugcrowd.com/better | https://bugcrowd.com/better/report | TRUE | FALSE | TRUE | full | ||
| Beyond Security | https://www.beyondsecurity.com/ssd.html | contact@ssd-disclosure.com | TRUE | FALSE | FALSE | |||
| Beyond Trust | https://www.beyondtrust.com/disclosure | secure@beyondtrust.com | FALSE | FALSE | FALSE | |||
| BiMserver | http://bimserver.org/about/bug-bounty/ | https://github.com/opensourceBIM/BIMserver/issues/ | TRUE | FALSE | FALSE | |||
| Bime | https://www.zendesk.com/company/policies-procedures/#responsible-disclosure-policy | https://hackerone.com/bime | TRUE | FALSE | TRUE | |||
| Binance | https://bugcrowd.com/binance | https://bugcrowd.com/binance/report | TRUE | FALSE | TRUE | |||
| Binary | https://hackerone.com/binary | TRUE | FALSE | TRUE | ||||
| Binder | https://binder.works/responsible-disclosure-program/ | security@binder.works | FALSE | FALSE | FALSE | partial | ||
| Bing | https://technet.microsoft.com/en-us/security/ff852094.aspx | secure@microsoft.com | FALSE | FALSE | FALSE | |||
| BitMEX | https://www.bitmex.com/app/security | support@bitmex.com | TRUE | FALSE | FALSE | |||
| BitMark | https://bitmark.com/developers/bug-bounty | security@bitmark.com | TRUE | FALSE | FALSE | partial | ||
| BitWall | https://firebounty.com/520-bitwall-security | request@bitwall.io | FALSE | FALSE | TRUE | |||
| Bitcoin Gold | https://github.com/BTCGPU/dev/blob/master/responsible-disclosure.md | admin@bitcoingold.org | TRUE | FALSE | FALSE | |||
| Bitcoin.de | https://www.bitcoin.de/en/bug-bounty | bugs2019@bitcoin.de | FALSE | FALSE | FALSE | |||
| Bitdefender | https://bugcrowd.com/bitdefender | https://bugcrowd.com/bitdefender/report | TRUE | FALSE | TRUE | full | ||
| Bitdefender Box v2 | https://bugcrowd.com/bitdefenderbox2 | https://bugcrowd.com/bitdefenderbox2/report | TRUE | FALSE | TRUE | full | ||
| Bitpay | https://support.bitpay.com/hc/en-us/articles/204229369-Does-BitPay-have-a-bug-bounty-program- | disclosure@bitpay.com | TRUE | FALSE | FALSE | partial | ||
| Bitsoffreedom | https://www.bitsoffreedom.nl/coordinated-vulnerability-disclosure-en/ | security@bof.nl | TRUE | FALSE | TRUE | |||
| Bitwarden | https://hackerone.com/bitwarden | FALSE | FALSE | TRUE | ||||
| Bizmerlin | https://www.bizmerlin.com/responsible-disclosure-policy/ | https://bizmerlin.freshdesk.com/support/login | FALSE | FALSE | TRUE | |||
| Blackberry | https://global.blackberry.com/secure/report-an-issue/en.html | secure@blackberry.com | FALSE | FALSE | FALSE | |||
| Blackboard | https://www.blackboard.com/legal/security-policy.html | learnsecurity@blackboard.com | FALSE | FALSE | TRUE | |||
| Blend | https://bugcrowd.com/blend | https://bugcrowd.com/blend/report | TRUE | FALSE | TRUE | |||
| Blinkforhome | https://blinkforhome.com/pages/responsible-disclosure-policy?locale=en | info@blinkforhome.com | FALSE | FALSE | FALSE | partial | ||
| Block.One | https://hackerone.com/eosio | TRUE | FALSE | TRUE | full | |||
| Blockchain | https://hackerone.com/blockchain | TRUE | FALSE | TRUE | ||||
| Blockimmo | https://hackerone.com/blockimmo | TRUE | FALSE | TRUE | full | |||
| Blockport's Vulnerability Disclosure | https://bugcrowd.com/blockport | https://bugcrowd.com/blockport/report | FALSE | FALSE | TRUE | |||
| Blockstack | https://hackerone.com/blockstack | TRUE | FALSE | TRUE | ||||
| Blogger | http://www.google.com/about/appsecurity/reward-program/ | https://www.google.com/appserve/security-bugs/m2/new?rl=&key= | TRUE | FALSE | TRUE | |||
| Blue Jeans Network | https://bugcrowd.com/bluejeans | https://bugcrowd.com/bluejeans/report | FALSE | FALSE | TRUE | |||
| Bosch | https://psirt.bosch.com/en/responsibleDisclosurePolicy.html | psirt@bosch.com | FALSE | FALSE | TRUE | partial | ||
| Boston Scientific | http://www.bostonscientific.com/en-US/customer-service/product-security/responsible-disclosure.html | product.security@bsci.com | FALSE | FALSE | FALSE | |||
| Box | https://www.box.com/about-us/security/ | security-reports@box.com | FALSE | FALSE | FALSE | |||
| Braintree | https://www.braintreepayments.com/developers/disclosure | ppbugbounty@paypal.com | FALSE | FALSE | TRUE | |||
| Brave | https://hackerone.com/brave | TRUE | FALSE | TRUE | ||||
| BrickFTP | https://hackerone.com/brickftp | TRUE | FALSE | TRUE | ||||
| Buda | https://hackerone.com/buda | TRUE | FALSE | TRUE | full | |||
| Buddy | https://buddy.works/disclosure-policy | security@buddy.works | FALSE | FALSE | TRUE | |||
| Buffer | https://bufferapp.com/security | security@bufferapp.com | FALSE | FALSE | TRUE | |||
| Bugcrowd | https://bugcrowd.com/bugcrowd | https://bugcrowd.com/bugcrowd/report | TRUE | FALSE | TRUE | full | ||
| Bugify | https://bugify.com/security | security@bugify.com | FALSE | FALSE | TRUE | |||
| Buku | https://buku.io/en/security/ | security@buku.io | FALSE | FALSE | FALSE | partial | ||
| Bumble | https://hackerone.com/bumble | TRUE | FALSE | TRUE | ||||
| Bunq | https://www.bunq.com/assets/media/legal/en/20161114_Responsible_Disclosure_Policy_EN.pdf | responsible-disclosure@bunq.com | TRUE | TRUE | FALSE | partial | ||
| Bynder | https://www.bynder.com/en/legal/responsible-disclosure-policy/ | security@bynder.com | FALSE | FALSE | TRUE | partial | ||
| CARD.com | https://bugcrowd.com/card | https://bugcrowd.com/card/report | TRUE | FALSE | TRUE | |||
| CCV EU | https://www.ccv.eu/responsible-disclosure/ | security@ccv.eu | TRUE | FALSE | FALSE | partial | ||
| CERT/CC | https://vuls.cert.org/confluence/display/Wiki/Vulnerability+Disclosure+Policy | https://www.kb.cert.org/vuls/report/ | 12/1/88 | FALSE | FALSE | TRUE | ||
| CFP Time | https://hackerone.com/cfptime | FALSE | FALSE | TRUE | ||||
| cPanel | https://cpanel.net/cpanel-security-bounty-program/ | security@cpanel.net | TRUE | FALSE | TRUE | |||
| cPaperless | https://www.cpaperless.com/security-statement/ | support@cPaperless.com | FALSE | FALSE | FALSE | |||
| Caffeine | https://bugcrowd.com/caffeine | https://bugcrowd.com/caffeine/report | TRUE | FALSE | TRUE | full | ||
| Capital One | https://www.capitalone.com/applications/responsible-disclosure/ | https://hackerone.com/capital-one | FALSE | FALSE | FALSE | |||
| CarGurus | https://hackerone.com/cargurus | infosec@cargurus.com | TRUE | FALSE | TRUE | |||
| Carbon Black | https://www.carbonblack.com/resources/reporting-security-vulnerability/ | productsecurity@carbonblack.com | FALSE | FALSE | FALSE | |||
| Casper | https://hackerone.com/casper | TRUE | FALSE | TRUE | ||||
| Castle Gate IT | https://www.castlegateit.co.uk/docs/ethical-policy.pdf | https://www.castlegateit.co.uk/contact/ | FALSE | FALSE | FALSE | partial | ||
| Catawiki | https://www.catawiki.com/conditions/responsible-disclosure.pdf | https://app.zerocopter.com/rd/68657721-53b5-48c3-b9b4-bc0175d0a4f7 | FALSE | FALSE | FALSE | partial | ||
| Caterpiller | https://www.cat.com/en_US/support/maintenance/c/report-potential-information-security-vulnerabilities.html | ProductSecurity@cat.com | FALSE | FALSE | FALSE | |||
| Caviar | https://bugcrowd.com/caviar | https://bugcrowd.com/caviar/report | TRUE | FALSE | TRUE | |||
| Centrify | https://bugcrowd.com/centrify | https://bugcrowd.com/centrify/report | TRUE | FALSE | TRUE | |||
| ChainRift | https://medium.com/chainrift/chainrift-launches-bug-bounty-program-6255eb2d518d | support@chainrift.com | TRUE | FALSE | FALSE | full | ||
| Chainlink | https://hackerone.com/chainlink | https://hackerone.com/chainlink | TRUE | FALSE | TRUE | full | ||
| Chameleon | https://www.trychameleon.com/security/disclosure | https://www.trychameleon.com/security/disclosure | TRUE | FALSE | TRUE | |||
| Channable | https://www.channable.com/wp-content/uploads/2018/12/Responsible-disclosure-of-security-vulnerabilities.pdf | security@channable.com | FALSE | FALSE | FALSE | partial | ||
| Chargify | https://www.chargify.com/security/ | security@chargify.com | FALSE | FALSE | FALSE | |||
| Chase | https://www.chase.com/digital/resources/privacy-security/security/vulnerability-disclosure | responsible.disclosure@jpmchase.com | FALSE | FALSE | FALSE | partial | ||
| Chaturbate | https://hackerone.com/chaturbate | TRUE | FALSE | TRUE | full | |||
| Circ.lu | https://www.circl.lu/pub/responsible-vulnerability-disclosure | https://www.circl.lu/report/ | FALSE | FALSE | FALSE | |||
| CircleCi | https://circleci.com/security | security@circleci.com | FALSE | TRUE | FALSE | |||
| Cisco | https://tools.cisco.com/security/center/resources/security_vulnerability_policy.html | psirt@cisco.com | FALSE | FALSE | FALSE | |||
| Cisco Meraki | https://bugcrowd.com/ciscomeraki | https://bugcrowd.com/ciscomeraki/report | TRUE | FALSE | TRUE | |||
| City-Data.com | http://www.city-data.com/bug-bounty.html | http://www.city-data.com/bug-bounty-report.php | TRUE | FALSE | TRUE | partial | ||
| Classdojo | https://www.classdojo.com/securitydisclosureprogram/ | security@classdojo.com | TRUE | FALSE | FALSE | |||
| Clause | https://clause.io/security | security@clause.io | TRUE | FALSE | TRUE | |||
| Clipperz | https://clipperz.is/security_privacy/responsible_disclosure_policy/ | security@clipperz.is | FALSE | FALSE | TRUE | partial | ||
| Cloud9 IDE | https://c9.io/security | security@c9.io | FALSE | FALSE | FALSE | |||
| CloudFlare | https://www.cloudflare.com/disclosure | https://hackerone.com/cloudflare | FALSE | FALSE | TRUE | |||
| Cloudapp | https://get.cloudapp.help/hc/en-us/articles/223617748-Responsible-Disclosure-Report-found-vulnerabilities | support@getcloudapp.com | FALSE | FALSE | TRUE | partial | ||
| Cloudinary | https://bugcrowd.com/cloudinary | https://bugcrowd.com/cloudinary/report | TRUE | FALSE | TRUE | full | ||
| Cloudways | https://bugcrowd.com/cloudways | https://bugcrowd.com/cloudways/report | TRUE | FALSE | TRUE | |||
| ClubCollect | https://www.clubcollect.com/en/responsible-disclosure/ | rd@clubcollect.com | FALSE | FALSE | FALSE | partial | ||
| Co-Operative bank | https://www.co-operativebank.co.uk/global/security/responsible-security-disclosure | securitydisclosures@co-operativebank.co.uk | FALSE | FALSE | FALSE | |||
| Coalition | https://hackerone.com/coalition | FALSE | FALSE | TRUE | ||||
| Cobalt | https://cobalt.io/security/practices | security@cobalt.io | FALSE | FALSE | TRUE | |||
| Cobinhood | https://hackerone.com/cobinhood | TRUE | FALSE | TRUE | full | |||
| Code Climate | https://codeclimate.com/security | security@codeclimate.com | FALSE | FALSE | TRUE | |||
| Codeigniter | https://hackerone.com/codeigniter | FALSE | FALSE | TRUE | ||||
| CoinJar | https://www.coinjar.com/bounty | security@coinjar.com | TRUE | FALSE | FALSE | |||
| Coinbase | https://coinbase.com/whitehat | https://hackerone.com/coinbase | TRUE | FALSE | TRUE | full | ||
| Coinpayments | https://www.coinpayments.net/help-bug-bounty | security@coinpayments.net | TRUE | FALSE | TRUE | |||
| Cointal | https://www.cointal.com/page/security | help@cointal.com | TRUE | FALSE | FALSE | |||
| Cointracker | https://www.cointracker.io/security | security@cointracker.io | TRUE | FALSE | FALSE | full | ||
| Commonsware | http://commonsware.com/bounty.html | ummmmm-hi@commonsware.com | FALSE | TRUE | FALSE | |||
| Compose | https://www.compose.io/security | security@compose.io | FALSE | FALSE | TRUE | |||
| Conclusion | https://www.conclusion.nl/kleine-lettertjes/responsible-disclosure | cvd@conclusion.nl | FALSE | TRUE | TRUE | partial | ||
| Concrete5 | https://www.concrete5.org/developers/security | security@concrete5.org | FALSE | FALSE | TRUE | |||
| Constant Contact | https://bugcrowd.com/constantcontact | https://bugcrowd.com/constantcontact/report | FALSE | FALSE | TRUE | partial | ||
| Contrast Security | https://www.contrastsecurity.com/disclosure-policy | security@contrastsecurity.com | FALSE | FALSE | FALSE | |||
| CoreOS | https://coreos.com/security/disclosure/ | security@coreos.com | FALSE | FALSE | FALSE | |||
| Coupa | http://www.coupa.com/success/vulnerability-reporting-policy | security@coupa.com | FALSE | FALSE | FALSE | |||
| Coursera | https://hackerone.com/coursera | FALSE | FALSE | TRUE | ||||
| Craigslist | https://www.craigslist.org/contact?step=form&reqType=security | https://sfbay.craigslist.org/contact?step=form&reqType=security | FALSE | FALSE | FALSE | |||
| Credit Karma | https://bugcrowd.com/creditkarma | https://bugcrowd.com/creditkarma/report | TRUE | FALSE | TRUE | |||
| Crowdstrike | https://hackerone.com/crowdstrike | TRUE | FALSE | TRUE | ||||
| Crypto | https://hackerone.com/crypto | TRUE | FALSE | TRUE | ||||
| Curl | https://hackerone.com/curl | https://hackerone.com/curl | TRUE | FALSE | TRUE | full | ||
| Currencycloud | https://www.currencycloud.com/legal/responsible-disclosure/ | security@currencycloud.com | FALSE | FALSE | TRUE | |||
| Customer Insight | https://customerinsight.ca/CI/security-statement/ | admin@customerinsight.ca | FALSE | FALSE | FALSE | |||
| Cuvva | https://hackerone.com/cuvva | FALSE | FALSE | TRUE | partial | |||
| Cyber Sprint | https://www.cybersprint.com/responsible-disclosure/ | soc@cybersprint.com | FALSE | FALSE | FALSE | |||
| Cybermarqt | https://cybermarqt.com/responsible-disclosure | info@cybermarqt.com | FALSE | FALSE | TRUE | partial | ||
| DJI | https://security.dji.com/policy | TRUE | TRUE | TRUE | full | |||
| DNN Corporation | http://www.dnnsoftware.com/platform/share/bug-reporting | https://dnntracker.atlassian.net/secure/Dashboard.jspa | FALSE | FALSE | FALSE | |||
| DNSimple | https://dnsimple.com/security | security@dnsimple.com | FALSE | FALSE | TRUE | |||
| DPD | https://getdpd.com/security/ | security@dpd.zendesk.com | TRUE | FALSE | TRUE | partial | ||
| Dailymotion | https://yeswehack.com/programs/dailymotion-public-bug-bounty | https://yeswehack.com/programs/dailymotion-public-bug-bounty/create-report | TRUE | FALSE | FALSE | full | ||
| Danske Bank | https://danskebank.com/responsible-disclosure | soc_itops@danskebank.com | FALSE | FALSE | FALSE | |||
| Dark Matter | https://bugcrowd.com/darkmatterae | https://bugcrowd.com/darkmatterae/report | TRUE | FALSE | TRUE | |||
| Dash Digital Cash | https://bugcrowd.com/dashdigitalcash | https://bugcrowd.com/dashdigitalcash/report | TRUE | FALSE | TRUE | |||
| Dashlane | https://hackerone.com/dashlane | TRUE | FALSE | TRUE | ||||
| Data Processing | https://hackerone.com/ibb-data | TRUE | FALSE | TRUE | ||||
| Dato Capital | https://en.datocapital.com/report-security-issue.html | security@datocapital.com | FALSE | FALSE | TRUE | |||
| DeNederlandscheBank | https://www.dnb.nl/en/responsible-disclosure/index.jsp | cvd@dnb.nl | TRUE | FALSE | FALSE | |||
| Debian Security Tracker | http://www.debian.org/Bugs/ | https://www.debian.org/Bugs/ | FALSE | FALSE | FALSE | |||
| DefectDojo | https://hackerone.com/defectdojo | https://hackerone.com/defectdojo | FALSE | FALSE | TRUE | full | ||
| Delight.im | https://hackerone.com/delight_im | TRUE | FALSE | TRUE | ||||
| Deliveroo | https://hackerone.com/deliveroo | TRUE | FALSE | TRUE | ||||
| Dell | https://bugcrowd.com/dell | https://bugcrowd.com/dell/report | FALSE | FALSE | TRUE | partial | ||
| Department Of Defense | https://hackerone.com/deptofdefense | FALSE | FALSE | TRUE | ||||
| Deps | https://www.deps.co/security/ | security@deps.co | FALSE | FALSE | FALSE | partial | ||
| Deribit | https://www.deribit.com/pages/information/bug-bounty-program | support@deribit.com | TRUE | FALSE | TRUE | partial | ||
| Detectify | https://detectify.com/responsible_disclosure | disclosure@detectify.com | FALSE | FALSE | TRUE | |||
| Deutsche Telekom | https://www.telekom.com/en/corporate-responsibility/data-protection-data-security/security/details/closing-security-gaps-360054 | bugbounty@t-mobile.cz | TRUE | FALSE | TRUE | |||
| Digital Asset | https://www.digitalasset.com/security | security@digitalasset.com | FALSE | FALSE | TRUE | partial | ||
| DigitalOcean | https://bugcrowd.com/digitalocean | https://bugcrowd.com/digitalocean/report | TRUE | FALSE | TRUE | partial | ||
| Directly | https://bugcrowd.com/directly | https://bugcrowd.com/directly/report | TRUE | FALSE | TRUE | full | ||
| Discourse | https://hackerone.com/discourse | https://hackerone.com/discourse | TRUE | FALSE | TRUE | |||
| Django | https://hackerone.com/django | TRUE | FALSE | TRUE | ||||
| Dominoes | https://dominos.responsibledisclosure.com/hc/en-us | https://dominos.responsibledisclosure.com/hc/en-us/requests/new | FALSE | FALSE | TRUE | |||
| Dovecot | https://hackerone.com/dovecot | TRUE | TRUE | TRUE | ||||
| Dream11 | https://www.dream11.com/security/rvdp | security@dream11.com | FALSE | FALSE | FALSE | partial | ||
| Dropbox | https://hackerone.com/dropbox | TRUE | FALSE | TRUE | full | |||
| Drugs.com | https://www.drugs.com/support/responsible-disclosure-policy.html | security@drugs.com | FALSE | FALSE | TRUE | partial | ||
| Drupal | https://www.drupal.org/drupal-security-team | security@drupal.org | FALSE | FALSE | TRUE | |||
| DuckDuckGo | https://hackerone.com/duckduckgo | https://hackerone.com/duckduckgo | FALSE | FALSE | TRUE | |||
| eBay | https://pages.ebay.com/securitycenter/security_researchers.html | https://pages.ebay.com/securitycenter/security_researchers_report_form.html | FALSE | FALSE | TRUE | |||
| Eclipse | http://www.eclipse.org/security/ | security@eclipse.org | FALSE | FALSE | FALSE | |||
| Ecobee | https://hackerone.com/ecobee | https://hackerone.com/ecobee | FALSE | FALSE | TRUE | full | ||
| Ed | https://hackerone.com/ed | FALSE | FALSE | TRUE | full | |||
| Edmodo | privacy@edmodo.com | FALSE | TRUE | FALSE | ||||
| Eero | https://bugcrowd.com/eero | https://bugcrowd.com/eero/report | FALSE | TRUE | TRUE | |||
| Electroneum | https://hackerone.com/electroneum | TRUE | FALSE | TRUE | ||||
| Electronic Frontier Foundation | https://www.eff.org/security | vulnerabilities@eff.org | FALSE | TRUE | TRUE | partial | ||
| Eligible | https://eligible.com/responsible_disclosure_program | security@eligible.com | TRUE | FALSE | FALSE | |||
| Elive | https://www.elvie.com/security-research-and-responsible-disclosure | security@elvie.com | FALSE | FALSE | TRUE | partial | ||
| Eneco Group | https://www.enecogroup.com/responsible-disclosure/ | https://app.zerocopter.com/nl/rd/8833c2eb-5018-4cd0-9cd1-418ef7bdd6e7 | FALSE | FALSE | FALSE | partial | ||
| Envato | http://webuild.envato.com/helpful-hacker/ | https://help.market.envato.com/hc/en-us/requests/new?ticket_form_id=38490 | FALSE | FALSE | TRUE | |||
| Eobot | https://hackerone.com/eobotcom | TRUE | FALSE | TRUE | ||||
| Eset | https://www.eset.com/int/security-vulnerability-reporting/ | security@eset.com | FALSE | FALSE | FALSE | |||
| Eslint | https://hackerone.com/eslint | FALSE | FALSE | TRUE | ||||
| Etsy | https://bugcrowd.com/etsy | https://bugcrowd.com/etsy/report | TRUE | FALSE | TRUE | |||
| Eurid | https://eurid.eu/lv/other-infomation/eurid-responsible-disclosure-policy/ | security.office@eurid.eu | TRUE | FALSE | FALSE | |||
| Event Espresso | https://eventespresso.com/report-a-security-vulnerability/ | https://eventespresso.com/report-a-security-vulnerability/ | FALSE | FALSE | FALSE | |||
| Eventbrite | http://www.eventbrite.com/security/ | security@eventbrite.com | FALSE | FALSE | TRUE | |||
| Evernote | https://evernote.com/security/report-issue | security@evernote.com | FALSE | FALSE | TRUE | |||
| Expatistan | http://www.expatistan.com/security | gerardo@expatistan.com | FALSE | FALSE | TRUE | |||
| ExpressionEngine | https://hackerone.com/expressionengine | FALSE | FALSE | TRUE | ||||
| Eze Eclipse Vulnerability Disclosure Program | https://bugcrowd.com/eze-vdp | https://bugcrowd.com/eze-vdp/report | FALSE | FALSE | TRUE | |||
| F Secure | https://www.f-secure.com/en/web/labs_global/vulnerability-reward-program | security@f-secure.com | TRUE | FALSE | FALSE | |||
| F5 Networks | https://support.f5.com/csp/article/K4602 | f5sirt@f5.com | TRUE | FALSE | FALSE | |||
| FFmpeg | http://www.ffmpeg.org/security.html | ffmpeg-security@ffmpeg.org | FALSE | FALSE | FALSE | |||
| FUSION | https://fusion.org/bounty/#bugs | rewards@fusion.org | TRUE | FALSE | TRUE | |||
| https://www.facebook.com/BugBounty/ | https://www.facebook.com/BugBounty/ | TRUE | FALSE | TRUE | ||||
| Fair | https://www.fair.com/bug-bounty | security@fair.com | TRUE | FALSE | FALSE | partial | ||
| FanDuel | https://www.fanduel.com/security | https://hackerone.com/fanduel | TRUE | FALSE | TRUE | full | ||
| FantasyTote | https://hackerone.com/fantasytote | FALSE | FALSE | TRUE | ||||
| FastMail | https://www.fastmail.com/about/bugbounty.html | bugreport@fastmail.com | TRUE | FALSE | TRUE | |||
| Fastly | https://www.fastly.com/security/report-security-issue | https://fastly.zendesk.com/hc/en-us/requests/new | FALSE | TRUE | FALSE | partial | ||
| Fiat Chrysler Automobiles | https://bugcrowd.com/fca | https://bugcrowd.com/fca/report | TRUE | FALSE | TRUE | |||
| FileZilla | https://hackerone.com/filezilla_h1c | https://hackerone.com/filezilla_h1c | FALSE | FALSE | TRUE | full | ||
| Firebase | https://firebase.google.com/support/contact/ | https://firebase.google.com/support/contact/ | FALSE | TRUE | FALSE | |||
| Fireeye | https://www.fireeye.com/company/security.html | security@fireeye.com | FALSE | FALSE | TRUE | |||
| Fitbit | https://bugcrowd.com/fitbit | https://bugcrowd.com/fitbit/report | TRUE | FALSE | TRUE | |||
| Flickr | https://hackerone.com/flickr | TRUE | FALSE | TRUE | full | |||
| Fluxiom | https://www.fluxiom.com/security | security@fluxiom.com | FALSE | FALSE | TRUE | |||
| Fontys | https://fontys.edu/About-us/Who-we-are/Rules-regulations/Responsible-disclosure.htm | https://fontys.edu/About-us/Who-we-are/Rules-regulations/Responsible-disclosure/Reporting-Form-Responsible-Disclosure.htm | FALSE | FALSE | TRUE | partial | ||
| Ford | https://hackerone.com/ford | https://hackerone.com/ford | TRUE | FALSE | TRUE | full | ||
| FormAssembly | https://hackerone.com/formassembly | FALSE | FALSE | TRUE | ||||
| Fountain | https://www.fountain.com/security | security@fountain.com | FALSE | FALSE | TRUE | |||
| Foursquare | https://foursquare.com/about/security | security@foursquare.com | FALSE | FALSE | TRUE | |||
| FoxyCart | https://bugcrowd.com/foxycart | https://bugcrowd.com/foxycart/report | TRUE | FALSE | TRUE | |||
| Freelancer | https://www.freelancer.com/info/security-reporting.php | security-reporting@freelancer.com | FALSE | FALSE | TRUE | |||
| Freshbooks | https://www.freshbooks.com/policies/responsible-disclosure | security@freshbooks.com | FALSE | FALSE | TRUE | |||
| Fuga | https://fuga.cloud/responsible-disclosure-policy/ | abuse@fuga.cloud | FALSE | TRUE | TRUE | partial | ||
| Fullstory | https://fullstory.responsibledisclosure.com/hc/en-us | https://fullstory.responsibledisclosure.com/hc/en-us/requests/new | FALSE | FALSE | TRUE | |||
| GO-JEK | https://bugcrowd.com/gojek | https://bugcrowd.com/gojek/report | TRUE | FALSE | TRUE | |||
| Gamma | https://www.gamma.nl/responsible-disclosure | security-alert@intergamma.nl | TRUE | FALSE | TRUE | |||
| Garmin | https://www.garmin.com/en-US/legal/security | https://www.garmin.com/en-US/legal/security | FALSE | FALSE | FALSE | |||
| GateCoin | https://gatecoin.com/bugBounty | security@gatecoin.com | FALSE | FALSE | TRUE | |||
| Gay.Capital | https://gay.capital/docs/bugbounty | Support@Gay.Capital | FALSE | FALSE | FALSE | full | ||
| Geckoboard | https://support.geckoboard.com/hc/en-us/articles/115007061468-Responsible-Disclosure-Policy | https://support.geckoboard.com/hc/en-us/requests/new?ticket_form_id=39437 | FALSE | FALSE | FALSE | |||
| Gemfury | http://www.gemfury.com/security | security@gemfury.com | FALSE | FALSE | FALSE | |||
| General Electric | https://www.ge.com/security | https://www.ge.com/security | FALSE | FALSE | FALSE | |||
| General Motors Company | https://hackerone.com/gm | https://hackerone.com/gm | FALSE | FALSE | TRUE | full | ||
| Geniebelt | https://geniebelt.com/responsible-disclosure | security@geniebelt.com | FALSE | TRUE | TRUE | full | ||
| Geotab | https://www.geotab.com/security/ | https://www.geotab.com/security/ | FALSE | FALSE | TRUE | |||
| GetAdmiral | https://hackerone.com/getadmiral | TRUE | FALSE | TRUE | ||||
| Getbase | https://bugbounty.getbase.com/ | https://bugbounty.getbase.com/ | FALSE | FALSE | TRUE | |||
| Ghost | https://github.com/TryGhost/Ghost/blob/master/SECURITY.md | security@ghost.org | FALSE | FALSE | FALSE | |||
| Ghostscript | http://ghostscript.com/Bug_bounty_program.html | https://bugs.ghostscript.com/ | TRUE | FALSE | FALSE | |||
| Github | https://bounty.github.com/ | https://hackerone.com/github | TRUE | FALSE | TRUE | full | ||
| Gitlab | https://about.gitlab.com/security/disclosure/ | security@gitlab.com | FALSE | FALSE | TRUE | |||
| Glance Networks | https://ww2.glance.net/privacy-policy/ | security@glance.net | FALSE | FALSE | FALSE | partial | ||
| GlassWire | https://hackerone.com/glasswire | TRUE | FALSE | TRUE | ||||
| GlobaLeaks | https://hackerone.com/globaleaks | FALSE | TRUE | TRUE | ||||
| GoCD | https://hackerone.com/gocd | FALSE | FALSE | TRUE | ||||
| Goldman Sachs | https://www.goldmansachs.com/privacy-and-cookies/global-privacy-policy.html | https://hackerone.com/goldmansachs | TRUE | FALSE | TRUE | |||
| https://www.google.com/about/appsecurity/ | https://www.google.com/appserve/security-bugs/m2/new?rl=&key= | TRUE | FALSE | FALSE | ||||
| Google Chrome | https://www.google.com/about/appsecurity/chrome-rewards/ | https://code.google.com/p/chromium/issues/entry?template=Security%20Bug | TRUE | FALSE | TRUE | |||
| Google PRP | https://www.google.com/about/appsecurity/patch-rewards/index.html | https://docs.google.com/forms/d/e/1FAIpQLSd5TlIXAiWRmbsHtPDR-8aDYKAZVgkJ5tcn6Dh-ym79r4iUxA/viewform | TRUE | FALSE | FALSE | |||
| Grab | https://hackerone.com/grab | TRUE | FALSE | TRUE | ||||
| Grammarly | https://hackerone.com/grammarly | TRUE | FALSE | TRUE | full | |||
| GreenBone | https://www.greenbone.net/en/responsible-disclosure/ | https://www.greenbone.net/en/contact/ | FALSE | FALSE | FALSE | |||
| Greenhouse.io | https://hackerone.com/greenhouse | TRUE | FALSE | TRUE | ||||
| Grok Learning | https://groklearning.com/security | security@groklearning.com | FALSE | FALSE | TRUE | |||
| HID | https://www.hidglobal.com/security-center | secure@hidglobal.com | FALSE | FALSE | TRUE | |||
| HR Partner | https://www.hrpartner.io/security.html | support@hrpartner.io | FALSE | FALSE | FALSE | partial | ||
| HTC | https://www.htc.com/us/terms/product-security/ | security@htc.com | FALSE | FALSE | FALSE | |||
| Hack Me! | https://bugcrowd.com/hackme | https://bugcrowd.com/hackme/report | FALSE | FALSE | TRUE | |||
| Hackerone | https://hackerone.com/security | TRUE | FALSE | TRUE | full | |||
| Hanno's Project | https://hackerone.com/hannob | FALSE | FALSE | TRUE | full | |||
| Harmony | http://get.harmonyapp.com/security/ | security@collectiveidea.com | FALSE | FALSE | TRUE | |||
| Harvest | https://hackerone.com/harvest | TRUE | FALSE | TRUE | ||||
| Hellosign | https://www.hellosign.com/legal/security | security@hellosign.com | TRUE | FALSE | FALSE | |||
| Heroku | https://bugcrowd.com/heroku | https://bugcrowd.com/heroku/report | TRUE | TRUE | TRUE | |||
| Hewlett Packard | https://www.hpe.com/us/en/services/security-vulnerability.html | https://www.hpe.com/h41268/live/index_e.aspx?qid=11503 | FALSE | FALSE | FALSE | |||
| Hex-Rays | http://www.hex-rays.com/bugbounty.shtml | bugbounty@hex-rays.com | TRUE | FALSE | FALSE | |||
| HitBTC | https://hitbtc.com/bug-report | https://hitbtc.com/bug-report | TRUE | FALSE | FALSE | |||
| Hiver | https://hiverhq.com/disclosure | security@hiverhq.com | FALSE | FALSE | TRUE | |||
| Holland Controls | https://www.holland-controls.com/responsible-disclosure | security@holland-controls.com | FALSE | FALSE | TRUE | |||
| Homebrew | https://hackerone.com/homebrew | FALSE | FALSE | TRUE | ||||
| Honeywell | https://www.honeywell.com/product-security | https://www.honeywell.com/product-security#tab-3f04309a-5f43-460d-a5a1-6103baf0d303 | FALSE | FALSE | TRUE | |||
| Hootsuite | https://hootsuite.com/security/response | security@hootsuite.com | FALSE | FALSE | TRUE | |||
| Hostinger | https://www.hostinger.com/responsible-disclosure-policy | abuse@hostinger.com | TRUE | FALSE | FALSE | full | ||
| Huawei | https://www.huawei.com/en/psirt/report-vulnerabilities | psirt@huawei.com | FALSE | FALSE | FALSE | |||
| HubSpot | https://bugcrowd.com/hubspot | https://bugcrowd.com/hubspot/report | FALSE | FALSE | TRUE | |||
| Humble Bundle | https://bugcrowd.com/humblebundle | https://bugcrowd.com/humblebundle/report | FALSE | FALSE | TRUE | |||
| Hunter.io | https://hunter.io/security-bounty-program | support@hunter.io | TRUE | FALSE | TRUE | |||
| Hyatt | https://hackerone.com/hyatt | TRUE | FALSE | TRUE | full | |||
| Hyatt | https://hackerone.com/hyatt | https://hackerone.com/hyatt | TRUE | FALSE | TRUE | full | ||
| Hyperledger | https://hackerone.com/hyperledger | TRUE | FALSE | TRUE | ||||
| IBM | https://www.ibm.com/security/secure-engineering/report.html | https://hackerone.com/ibm | FALSE | FALSE | TRUE | |||
| ICQ | https://hackerone.com/icq | TRUE | FALSE | TRUE | ||||
| ICS-CERT | https://ics-cert.us-cert.gov/ICS-CERT-Vulnerability-Disclosure-Policy | ics-cert@hq.dhs.gov | FALSE | FALSE | FALSE | |||
| iFixit | http://www.ifixit.com/Info/Responsible_Disclosure | security@ifixit.com | FALSE | FALSE | TRUE | |||
| IHC | https://www.royalihc.com/en/responsible-disclosure-policy | ITSecurity@royalihc.com | FALSE | FALSE | TRUE | partial | ||
| ING NL | http://www.ing.nl/de-ing/veilig-bankieren/veiligheidsbeleid-van-de-ing/meldpunt-kwetsbaarheden/ | responsible-disclosure@ing.com | TRUE | FALSE | FALSE | |||
| IOTA | https://bugcrowd.com/iota | https://bugcrowd.com/iota/report | TRUE | FALSE | TRUE | |||
| IRCCloud | https://hackerone.com/irccloud | TRUE | FALSE | TRUE | ||||
| iRobot | https://bugcrowd.com/irobot | https://bugcrowd.com/irobot/report | TRUE | FALSE | TRUE | |||
| Ian Dunn | https://hackerone.com/iandunn-projects | TRUE | FALSE | TRUE | ||||
| Icann | https://www.icann.org/vulnerabilities | vulnerability@icann.org | FALSE | FALSE | FALSE | |||
| Iconloop | https://hackerone.com/iconloop_inc | https://hackerone.com/iconloop_inc | TRUE | FALSE | TRUE | |||
| Ikea | https://www.ikea.com/ms/en_ES/responsible-disclosure/responsible_disclosure.html | https://app.zerocopter.com/rd/9213ded2-6bb5-4f1a-8d74-c6fc1a04b675 | TRUE | FALSE | FALSE | partial | ||
| Imgur | https://hackerone.com/imgur | TRUE | TRUE | TRUE | ||||
| Impero Software | https://www.imperosoftware.com/fr/reporting-vulnerabilities/ | security@imperosoftware.com | FALSE | FALSE | FALSE | |||
| Impinj | https://hackerone.com/impinj | FALSE | FALSE | TRUE | ||||
| InVision | https://bugcrowd.com/invision | https://bugcrowd.com/invision/report | TRUE | FALSE | TRUE | |||
| Indeed | https://bugcrowd.com/indeed | https://bugcrowd.com/indeed/report | TRUE | FALSE | TRUE | |||
| Independer | http://www.independer.nl/algemeen/info/responsible-disclosure.aspx | beveiliging@independer.nl | TRUE | FALSE | FALSE | partial | ||
| Inflection | https://hackerone.com/inflection | TRUE | FALSE | TRUE | ||||
| Inflectra | https://www.inflectra.com/company/responsible-disclosure.aspx | support@inflectra.com | FALSE | FALSE | TRUE | |||
| Infoplus Commerce | https://www.infopluscommerce.com/legal/responsible-disclosure-policy | https://support.infopluscommerce.com/support/tickets/new | FALSE | FALSE | FALSE | |||
| Informatica | https://hackerone.com/informatica | FALSE | TRUE | TRUE | ||||
| Informatiebeveiliging | https://informatiebeveiliging.nl/ | directie@informatiebeveiliging.nl | FALSE | FALSE | FALSE | |||
| Ing | https://www.ing.com/ING.com-Security.htm | responsible-disclosure@ing.com | TRUE | FALSE | FALSE | |||
| Ingenico | https://www.ingenico.com/responsible-disclosure-program | responsibledisclosure@ingenico.com | FALSE | FALSE | TRUE | |||
| InnoGames | https://hackerone.com/innogames | https://hackerone.com/innogames | TRUE | FALSE | TRUE | full | ||
| Instacart | https://hackerone.com/instacart | TRUE | FALSE | TRUE | ||||
| Instructure | https://blog.bugcrowd.com/private-bug-bounty-program-instructure/ | security@instructure.com | TRUE | FALSE | TRUE | |||
| IntegraXor (SCADA) | http://www.integraxor.com/blog/integraxor-hmi-scada-bug-bounty-program | https://www.integraxor.com/support/ | TRUE | TRUE | TRUE | |||
| Intel | https://www.intel.com/content/www/us/en/security-center/default.html | secure@intel.com | TRUE | FALSE | TRUE | |||
| Intercom | https://bugcrowd.com/intercom | https://bugcrowd.com/intercom/report | TRUE | FALSE | TRUE | |||
| Internet Freedom | https://hackerone.com/ibb-if | TRUE | FALSE | FALSE | ||||
| Internetwache | https://en.internetwache.org/security/ | security@internetwache.org | FALSE | FALSE | TRUE | partial | ||
| Intuo | https://www.intuo.io/security | philip@intuo.io | FALSE | FALSE | FALSE | |||
| IpSwitch | https://www.ipswitch.com/vulnerability-disclosure-policy | security@ipswitch.com | FALSE | FALSE | TRUE | |||
| Issuu | https://issuu.com/responsible-disclosure | https://help.issuu.com/hc/en-us/requests/new?ticket_form_id=114093960194 | FALSE | FALSE | TRUE | |||
| Iterable | https://iterable.com/trust/responsible-disclosure-policy/ | security@iterable.com | FALSE | FALSE | FALSE | |||
| Ivanti | https://www.ivanti.com/support/contact-security | responsible.disclosure@ivanti.com | FALSE | TRUE | FALSE | partial | ||
| JCPenny | https://www.jcpenney.com/m/responsible-disclosure-program | IT-security@jcp.com | FALSE | FALSE | FALSE | partial | ||
| Jamieweb | https://www.jamieweb.net/contact/ | security@jamieweb.net | FALSE | FALSE | TRUE | |||
| Jazz Networks | https://www.jazznetworks.com/security/ | security@jazznetworks.com | FALSE | FALSE | TRUE | partial | ||
| Jenkins | https://wiki.jenkins-ci.org/display/JENKINS/How+to+report+an+issue#Howtoreportanissue-Creatingtheissue | https://wiki.jenkins.io/display/JENKINS/How+to+report+an+issue#Howtoreportanissue-Creatingtheissue | FALSE | FALSE | FALSE | |||
| Jet.com | https://bugcrowd.com/jet | https://bugcrowd.com/jet/report | TRUE | FALSE | TRUE | |||
| JohnBlackBourn | https://hackerone.com/johnblackbourn | FALSE | FALSE | TRUE | ||||
| Johnson & Johnson | https://www.productsecurity.jnj.com/ | productsecurity@its.jnj.com | FALSE | FALSE | FALSE | |||
| Jruby | https://www.jruby.org/security | security@jruby.org | FALSE | FALSE | FALSE | |||
| JumpleAd | https://jumplead.com/about/security | https://jumplead.com/about/security | TRUE | FALSE | TRUE | partial | ||
| Juniper | https://www.juniper.net/us/en/security/report-vulnerability/ | sirt@juniper.net | FALSE | FALSE | FALSE | |||
| KPN | https://www.kpn.com/algemeen/missie-en-privacy-statement/beveiligingskwetsbaarheid/beveiligingslek-melden.htm | https://www.kpn.com/algemeen/missie-en-privacy-statement/beveiligingskwetsbaarheid/beveiligingslek-melden.htm | FALSE | FALSE | FALSE | |||
| Kadince | https://www.kadince.com/legal/security_policy | security@kandice.com | FALSE | FALSE | FALSE | |||
| Kaspersky | https://support.kaspersky.com/vulnerability | https://support.kaspersky.com/vulnerability.aspx?el=12429#block1 | TRUE | FALSE | TRUE | full | ||
| Kayak | https://www.kayak.co.in/security | security@kayak.com | FALSE | FALSE | FALSE | |||
| Kayesa | https://www.kaseya.com/legal/vulnerability-disclosure-policy | security@kaseya.com | FALSE | FALSE | TRUE | |||
| Keeper Security | https://bugcrowd.com/keepersecurity | https://bugcrowd.com/keepersecurity/report | FALSE | FALSE | TRUE | full | ||
| Keming Labs | http://keminglabs.com/security_disclosure/ | security@keminglabs.com | FALSE | FALSE | FALSE | |||
| Kenna Security | https://bugcrowd.com/kennasecurity | https://bugcrowd.com/kennasecurity/report | TRUE | FALSE | TRUE | |||
| Keybase | https://hackerone.com/keybase | TRUE | FALSE | TRUE | ||||
| Khan Academy | https://hackerone.com/khanacademy | FALSE | FALSE | TRUE | ||||
| Kissflow | https://kissflow.com/responsible-disclosure/ | security@kissflow.com | TRUE | TRUE | TRUE | |||
| Kiwa | https://www.kiwa.com/en/responsible-disclosure-policy/ | responsibledisclosure@kiwa.nl | FALSE | FALSE | FALSE | partial | ||
| Kraken | https://www.kraken.com/security/bug-bounty | bugbounty@kraken.com | TRUE | FALSE | TRUE | |||
| LINE | https://bugbounty.linecorp.com/en/ | https://bugbounty.linecorp.com/en/ | TRUE | FALSE | TRUE | |||
| LastPass | https://bugcrowd.com/lastpass | https://bugcrowd.com/lastpass/report | TRUE | FALSE | TRUE | |||
| Leetcode | https://leetcode.com/bugbounty/ | support@leetcode.com | TRUE | FALSE | FALSE | partial | ||
| Legal Robot | https://www.legalrobot.com/bounty/ | security@legalrobot.com | TRUE | FALSE | TRUE | full | ||
| Leica Biosystems | https://www.leicabiosystems.com/index.php?&ADMCMD_prev=df2e24a055bae99c1033a8b7b17cadf1&id=19671&L=0 | lbs.productsecurity@leicabiosystems.com | 2/15/19 | FALSE | FALSE | FALSE | ||
| Lenova | https://www.lenovo.com/us/en/product-security/vulnerability-disclosure-policy | psirt@lenovo.com | FALSE | FALSE | TRUE | |||
| LeverEX | https://medium.com/leverex/leverex-bug-bounty-program-10e53d0d7901 | TRUE | FALSE | FALSE | ||||
| LiberaPay | https://en.liberapay.com/about/security | admin@liberapay.com | TRUE | FALSE | TRUE | full | ||
| Librato | https://metrics.librato.com/vulnerability | psirt@solarwinds.com | FALSE | FALSE | TRUE | |||
| LifeOmic | https://hackerone.com/lifeomic | FALSE | TRUE | TRUE | full | |||
| Lifelock | https://lifelock.responsibledisclosure.com/hc/en-us | https://lifelock.responsibledisclosure.com/hc/en-us/requests/new | FALSE | FALSE | TRUE | |||
| Liferay | https://www.liferay.com/security | security@liferay.com | 2012 | FALSE | FALSE | TRUE | ||
| Light Speed | https://www.lightspeedhq.com/security/ | security@lightspeedhq.com | FALSE | FALSE | FALSE | |||
| https://security.linkedin.com/vulnerabilty-disclosure | security@linkedin.com | FALSE | FALSE | FALSE | ||||
| Linksys | https://www.belkin.com/us/security/ | security@linksys.com | FALSE | FALSE | TRUE | partial | ||
| Livestream | https://hackerone.com/livestream | https://hackerone.com/livestream | TRUE | FALSE | TRUE | partial | ||
| Lob | https://hackerone.com/lob | https://hackerone.com/lob | TRUE | FALSE | TRUE | full | ||
| LocalTapiola | https://hackerone.com/localtapiola | TRUE | FALSE | TRUE | ||||
| Logentries | https://logentries.com/doc/security/ | security@logentries.com | FALSE | FALSE | TRUE | |||
| Loofah | https://hackerone.com/loofah | FALSE | FALSE | FALSE | ||||
| Looker | https://looker.com/product/security/disclosure | security@looker.com | FALSE | FALSE | TRUE | partial | ||
| Lookout | https://www.lookout.com/legal/responsible-disclosure | security@lookout.com | FALSE | FALSE | FALSE | partial | ||
| Lyft | https://www.lyft.com/security | https://www.lyft.com/security | TRUE | FALSE | FALSE | |||
| Lyst | https://hackerone.com/lyst | TRUE | FALSE | TRUE | ||||
| M-Files | https://www.m-files.com/en/vulnerability-disclosure | security@m-files.com | FALSE | FALSE | FALSE | |||
| MIT | https://bounty.mit.edu/ | https://idp.mit.edu/idp/Authn/MIT?conversation=e4s1 | TRUE | FALSE | FALSE | |||
| MSV | https://shop.msv.com/About/Legal | vulnerability@msv.com | FALSE | FALSE | FALSE | partial | ||
| Magento | https://hackerone.com/magento | https://hackerone.com/magento | TRUE | FALSE | TRUE | full | ||
| Magic Leap Cloud | https://bugcrowd.com/magicleapcloud | https://bugcrowd.com/magicleapcloud/report | TRUE | FALSE | TRUE | |||
| MagicLeap Device | https://bugcrowd.com/magicleapdevice | https://bugcrowd.com/magicleapdevice/report | TRUE | FALSE | TRUE | |||
| Magix AG | http://research.magix.com/ | security@magix.net | FALSE | FALSE | TRUE | |||
| Mahara | https://wiki.mahara.org/index.php/Contributors#Security_Researchers | FALSE | FALSE | TRUE | ||||
| Mail.Ru | https://hackerone.com/mailru | TRUE | FALSE | TRUE | ||||
| Mailchimp | https://mailchimp.com/about/security/ | https://mailchimp.com/about/security/ | FALSE | FALSE | FALSE | partial | ||
| Mailgun | https://bugcrowd.com/mailgun | https://bugcrowd.com/mailgun/report | TRUE | FALSE | TRUE | |||
| Mailtag | https://www.mailtag.io/disclosure-policy | Hi@MailTag.io | FALSE | FALSE | FALSE | |||
| Mailtrack | https://mailtrack.io/en/responsible-vulnerability | security-report@mailtrack.io | FALSE | FALSE | FALSE | |||
| Malwarebytes | https://www.malwarebytes.org/secure/ | bug-bounty@malwarebytes.com | TRUE | FALSE | TRUE | |||
| ManageWP | https://managewp.com/white-hat-reward | https://managewp.com/white-hat-reward | TRUE | FALSE | TRUE | |||
| Mapbox | https://hackerone.com/mapbox | TRUE | FALSE | TRUE | ||||
| MapsMarker.com.eu | https://hackerone.com/mapsmarker_com_e_u | TRUE | FALSE | TRUE | ||||
| MariaDB | https://hackerone.com/mariadb | FALSE | FALSE | TRUE | ||||
| Marketo | https://documents.marketo.com/legal/notices/responsible-disclosure-policy.pdf | securityteam@marketo.com | FALSE | FALSE | FALSE | |||
| Marktplaats | https://www.marktplaats.nl/i/help/veilig-en-succesvol/responsible-disclosure-program.dot.html | https://app.zerocopter.com/en/rd/0d37aefa-0c1f-4d3e-a4c5-d4879460d595 | TRUE | FALSE | FALSE | |||
| Massachusetts Institute of Technology | https://bounty.mit.edu/ | https://bounty.mit.edu/ | TRUE | FALSE | TRUE | |||
| Mastercard | https://bugcrowd.com/mastercard | https://bugcrowd.com/mastercard/report | TRUE | FALSE | TRUE | |||
| Matomo | https://hackerone.com/matomo | TRUE | FALSE | TRUE | ||||
| Mattermost | https://about.mattermost.com/report-security-issue/ | https://mattermost.com/security-vulnerability-report/ | FALSE | FALSE | TRUE | |||
| Maximum | https://hackerone.com/maximum | TRUE | FALSE | TRUE | ||||
| McAfee | https://www.mcafee.com/enterprise/en-us/threat-center/advanced-threat-research/disclosure.html | ATR_Vuln@McAfee.com | FALSE | FALSE | FALSE | |||
| McKinsey | https://mckinsey.responsibledisclosure.com/hc/en-us | https://mckinsey.responsibledisclosure.com/hc/en-us/requests/new | FALSE | FALSE | TRUE | |||
| MedISAO | https://members.medisao.com/vulnerability_disclosure/ | https://members.medisao.com/vulnerability_disclosure/ | FALSE | FALSE | FALSE | |||
| MediaTek | https://www.mediatek.com/security-contact | https://www.mediatek.com/security-contact/form | FALSE | FALSE | FALSE | |||
| Mediamarktsaturn | https://hackerone.com/mediamarktsaturn | FALSE | FALSE | TRUE | ||||
| Medium | https://help.medium.com/hc/en-us/articles/213481308-Bug-Bounty-Disclosure-Program | security@medium.com | TRUE | FALSE | TRUE | partial | ||
| Medtronic | http://www.medtronic.com/contact-us/index.htm?cmpid=mdt_plc_2015_US_footer_nav_contact_us_mdt_us_legacy_contact_us_form_link | http://www.medtronic.com/contact-us/index.htm?cmpid=mdt_plc_2015_US_footer_nav_contact_us_mdt_us_legacy_contact_us_form_link | FALSE | FALSE | FALSE | |||
| Meet Fabric | https://meetfabric.com/legal/security-policy | security@meetfabric.com | FALSE | FALSE | TRUE | partial | ||
| Mega.co.nz | https://mega.co.nz/#blog_6 | bugs@mega.co.nz | TRUE | FALSE | FALSE | |||
| MemoTrader | https://bugcrowd.com/memotrader | https://bugcrowd.com/memotrader/report | FALSE | FALSE | TRUE | |||
| Microsoft (Online Services) | http://technet.microsoft.com/en-us/security/dn800983 | secure@microsoft.com | FALSE | FALSE | TRUE | |||
| Microsoft (bounty programs) | http://technet.microsoft.com/en-US/security/dn425036 | secure@microsoft.com | FALSE | FALSE | FALSE | |||
| Microweber | https://microweber.com/become-contributor | https://microweber.com/contact-us | FALSE | FALSE | TRUE | |||
| Mimecast | https://www.mimecast.com/responsible-disclosure/ | disclosure@mimecast.com | FALSE | FALSE | TRUE | partial | ||
| Mimosa | https://mimosa.co/legal/vulnerability | sirt@mimosa.co | FALSE | FALSE | FALSE | partial | ||
| Miniclip | https://hackerone.com/miniclip | FALSE | FALSE | TRUE | ||||
| Mobikwik | https://www.mobikwik.com/bug-bounty | infosec@mobikwik.com | FALSE | FALSE | TRUE | |||
| Mobile Vikings | https://hackerone.com/mobilevikings | FALSE | TRUE | TRUE | ||||
| Monero | https://hackerone.com/monero | FALSE | FALSE | TRUE | ||||
| Monetha | https://www.monetha.io/bounty | https://docs.google.com/forms/d/e/1FAIpQLSepEDPWlHn2CVFHHaOlrE_YSnQo7Uj-mV051SmrXZ0t85SYBg/viewform | TRUE | FALSE | TRUE | |||
| Moneybird | https://www.moneybird.nl/security/ | https://hackerone.com/moneybird | FALSE | FALSE | TRUE | partial | ||
| Moneytree KK | https://bugcrowd.com/moneytreekkog | https://bugcrowd.com/moneytreekkog/report | TRUE | FALSE | TRUE | |||
| Moodle | https://docs.moodle.org/dev/Moodle_security_procedures | security@moodle.org | FALSE | FALSE | TRUE | |||
| Motorola | https://www.motorola.com/us/legal/security-vulnerability | security@motorola.com | FALSE | FALSE | FALSE | |||
| MovieXchange | https://moviexchange.com/responsible-disclosure-policy/ | security@movieXchange.com | FALSE | FALSE | TRUE | full | ||
| Mozilla | https://www.mozilla.org/en-US/security/bug-bounty/ | security@mozilla.org | TRUE | TRUE | TRUE | full | ||
| MuJS | https://mujs.com/security.html | https://bugs.ghostscript.com/enter_bug.cgi?product=Security%20-%20MuPDF%2FMuJS | TRUE | FALSE | TRUE | |||
| Multichoice | https://www.dstv.com/topic/multichoice-responsible-disclosure-policy-20151028 | https://selfservice.dstv.com/contact-us | FALSE | FALSE | FALSE | partial | ||
| Multicraft | https://bugcrowd.com/multicraft | https://bugcrowd.com/multicraft/report | TRUE | FALSE | TRUE | |||
| Mvorisicochecker | https://www.mvorisicochecker.nl/de/node/1807 | contact@mvonederland.nl | FALSE | FALSE | FALSE | partial | ||
| MyEtherWallet | https://hackerone.com/myetherwallet | TRUE | FALSE | TRUE | ||||
| MyStuff2 App | http://www.maddysoft.com/iphone/mystuff/bounty.php | rmaddy@maddysoft.com | FALSE | TRUE | TRUE | |||
| Mycrypto | https://hackerone.com/mycrypto | FALSE | FALSE | TRUE | ||||
| Myntra | http://www.myntra.com/security/whitehat | security@myntra.com | FALSE | FALSE | TRUE | |||
| Myob | https://www.myob.com/au/about/security/report-security-vulnerability | securityteam@myob.com | FALSE | FALSE | TRUE | |||
| NCSC-NL | https://www.ncsc.nl/security | cert@ncsc.nl | TRUE | TRUE | FALSE | |||
| NETGEAR Cash Rewards | https://bugcrowd.com/netgear | https://bugcrowd.com/netgear/report | TRUE | FALSE | TRUE | |||
| NETGEAR Kudos Rewards | https://bugcrowd.com/netgearkudos | https://bugcrowd.com/netgearkudos/report | FALSE | FALSE | TRUE | |||
| NGAHR | https://www.ngahr.com/privacy-policies/ | disclosure@ngahr.com | FALSE | FALSE | FALSE | |||
| NN | https://www.nn-group.com/Footer-Pages/Ethical-hacking-NN-Groups-Responsible-Disclosure-Policy.htm | responsible-disclosure@nn-group.com | TRUE | FALSE | FALSE | |||
| NSN Nokia Solutions Networks | http://nsn.com/responsible-disclosure | security-alert@nokia.com | FALSE | FALSE | TRUE | |||
| NWB Bank | https://www.nwbbank.com/responsible-disclosure-2 | info@nwbbank.com | TRUE | FALSE | TRUE | partial | ||
| Namazu | http://www.namazu.org/security.html | security@namazu.org | FALSE | FALSE | FALSE | |||
| Nano | https://hackerone.com/nano | TRUE | FALSE | TRUE | ||||
| National Cyber Security Center (Netherlands) | https://www.ncsc.nl/security | ert@ncsc.nl | TRUE | TRUE | FALSE | |||
| Navcoin | https://navcoin.org/en/responsible-disclosure | disclosure@navcoin.org | FALSE | FALSE | FALSE | |||
| Naver Whale | http://bugbounty.whale.naver.com | https://bugbounty.whale.naver.com/en/ | TRUE | FALSE | TRUE | |||
| Neptune | https://www.neptune.io/securitySLA.html | security@neptune.io | TRUE | TRUE | FALSE | |||
| Netapp | https://security.netapp.com/contact/ | security-alert@netapp.com | FALSE | FALSE | FALSE | |||
| Netflix | https://help.netflix.com/en/node/6657 | https://bugcrowd.com/netflix/report | FALSE | FALSE | TRUE | partial | ||
| New Relic | https://hackerone.com/newrelic | FALSE | FALSE | TRUE | ||||
| Nextcloud | https://hackerone.com/nextcloud | TRUE | FALSE | TRUE | ||||
| Nexuzhealth | https://www.intigriti.com/public/project/uz%20leuven/nexuzhealthwebpacs | https://www.intigriti.com/public/project/uz%20leuven/nexuzhealthwebpacs | TRUE | FALSE | FALSE | full | ||
| Nginx | http://nginx.org/en/security_advisories.html | security-alert@nginx.org | TRUE | FALSE | TRUE | |||
| Nike | https://www.nike.com/help/a/responsible-disclosure | infosec@nike.com | FALSE | FALSE | FALSE | |||
| Nimiq | https://hackerone.com/nimiq | TRUE | FALSE | TRUE | ||||
| Nintendo | https://hackerone.com/nintendo | TRUE | FALSE | TRUE | ||||
| Node.js | https://hackerone.com/nodejs | TRUE | FALSE | TRUE | ||||
| Nokia | https://networks.nokia.com/responsible-disclosure | security-alert@nokia.com | FALSE | FALSE | TRUE | |||
| Nokogiri | https://hackerone.com/nokogiri | FALSE | FALSE | TRUE | ||||
| Norada | http://norada.com/crm-software/security_response | security@norada.com | FALSE | FALSE | TRUE | |||
| Notepad++ | https://hackerone.com/notepad-plus-plus | https://hackerone.com/notepad-plus-plus | FALSE | FALSE | TRUE | full | ||
| Nowsecure | https://www.nowsecure.com/company/responsible-disclosure-policy/ | https://www.nowsecure.com/contact/ | FALSE | FALSE | FALSE | |||
| Nvidia | https://www.nvidia.com/object/submit-security-vulnerability.html | https://www.nvidia.com/object/submit-security-vulnerability.html | TRUE | FALSE | TRUE | |||
| OLA | https://www.olacabs.com/whitehat? | https://www.olacabs.com/whitehat?page=reportIssue | TRUE | FALSE | FALSE | |||
| OLAcabs | https://www.olacabs.com/whitehat | https://www.olacabs.com/whitehat?page=reportIssue | TRUE | FALSE | TRUE | |||
| OSLO BORS | https://www.oslobors.no/ob_eng/Oslo-Boers/About-Oslo-Boers/Responsible-Disclosure | security@oslobors.no | FALSE | FALSE | TRUE | partial | ||
| OVH | https://bountyfactory.io/hunter/submit/program/42 | https://bountyfactory.io/hunter/submit/program/42 | FALSE | FALSE | FALSE | |||
| OWASP CSRFGuard | https://bugcrowd.com/owaspcrsfguard | https://bugcrowd.com/owaspcrsfguard/report | FALSE | FALSE | TRUE | |||
| OWASP Java Encoder | https://bugcrowd.com/owaspjavaencoder | https://bugcrowd.com/owaspjavaencoder/report | FALSE | FALSE | TRUE | |||
| OWASP Java HTML Sanitizer | https://bugcrowd.com/owaspjavasanitizer | https://bugcrowd.com/owaspjavasanitizer/report | FALSE | FALSE | TRUE | |||
| OWASP ZAP | https://bugcrowd.com/owaspzap | https://bugcrowd.com/owaspzap/report | TRUE | FALSE | TRUE | |||
| Oath | https://hackerone.com/oath | TRUE | FALSE | FALSE | ||||
| Observu | http://observu.com/security.php | info@observu.com | FALSE | FALSE | TRUE | |||
| Ok.ru | https://hackerone.com/ok | TRUE | FALSE | TRUE | ||||
| Okta | https://bugcrowd.com/okta | https://bugcrowd.com/okta/report | TRUE | FALSE | TRUE | |||
| Olark | http://www.olark.com/customer/portal/articles/1237352 | support+security@olark.com | TRUE | TRUE | TRUE | |||
| Olx | https://hackerone.com/olx | FALSE | FALSE | TRUE | ||||
| Omise | https://hackerone.com/omise | https://hackerone.com/omise | TRUE | FALSE | TRUE | |||
| Ondeck | https://www.ondeck.com/security-policy | security@ondeck.com | FALSE | FALSE | TRUE | |||
| One Identity | https://support.oneidentity.com/contact-us/report-security-vulnerability | https://support.oneidentity.com/contact-us/report-security-vulnerability | FALSE | FALSE | TRUE | |||
| OneLogin | https://www.onelogin.com/security | security@onelogin.com | FALSE | FALSE | TRUE | |||
| Onfido | https://onfido.com/responsibledisclosure/ | security@onfido.com | FALSE | FALSE | FALSE | |||
| Online Seminar | https://www.onlineseminar.com/security/ | security@onlineseminar.nl | TRUE | FALSE | TRUE | partial | ||
| Open Source University | https://medium.com/the-os-university-blog/os-university-smart-contracts-are-live-edu-token-bug-bounty-reward-awaits-you-27c1de006249 | security@os.university | TRUE | FALSE | FALSE | full | ||
| Open Xchange | https://hackerone.com/open-xchange | TRUE | FALSE | TRUE | ||||
| OpenBSD | http://www.openbsd.org/security.html | deraadt@openbsd.org | FALSE | FALSE | FALSE | |||
| OpenSSL | https://www.openssl.org/community/#securityreports | openssl-security@openssl.org | TRUE | FALSE | TRUE | |||
| OpenStack | https://security.openstack.org/#how-to-report-security-issues-to-openstack | https://security.openstack.org/#how-to-report-security-issues-to-openstack | FALSE | FALSE | FALSE | |||
| OpenText | http://opentext.com/2/global/company/security-acknowledgements.htm | https://www.opentext.com/about/contact-us/contact-opentext | FALSE | FALSE | TRUE | |||
| OpenVPN | https://hackerone.com/ibb-openvpn | TRUE | FALSE | TRUE | ||||
| Opera | https://www.opera.com/security/policy | security@opera.com | FALSE | FALSE | TRUE | |||
| Optimizely | https://bugcrowd.com/optimizely | https://bugcrowd.com/optimizely/report | TRUE | FALSE | TRUE | |||
| Oracle | https://www.oracle.com/africa/corporate/security-practices/assurance/vulnerability/reporting.html | secalert_us@oracle.com | FALSE | FALSE | FALSE | |||
| Orion Health | https://orionhealth.com/us/support/responsible-disclosure/ | http://web.orionhealth.com/General-Enquiries-Form-US.html | FALSE | FALSE | TRUE | |||
| Orkut | http://www.google.com/about/appsecurity/reward-program/ | https://www.google.com/appserve/security-bugs/m2/new?rl=&key= | TRUE | FALSE | TRUE | |||
| Overstock | https://bugcrowd.com/overstockvdp | https://bugcrowd.com/overstockvdp/report | FALSE | FALSE | TRUE | |||
| Owox | https://hackerone.com/owox | FALSE | FALSE | TRUE | ||||
| PC Extreme | https://www.pcextreme.com/policies/responsible-disclosure | security@pcextreme.nl | TRUE | FALSE | FALSE | partial | ||
| PERL (Bug Bounty) | https://hackerone.com/ibb-perl | TRUE | FALSE | TRUE | ||||
| PHP | https://bugs.php.net/report.php?bug_type=Security | security@php.net | TRUE | FALSE | TRUE | |||
| PHP (Bug Bounty) | https://hackerone.com/ibb-php | TRUE | FALSE | TRUE | ||||
| PIVX-Project | https://hackerone.com/pivx-project | TRUE | FALSE | TRUE | ||||
| PTC | https://www.ptc.com/en/documents/security/coordinated-vulnerability-disclosure | cvd@ptc.com | FALSE | FALSE | TRUE | partial | ||
| Pagerduty | https://www.pagerduty.com/security/disclosure/ | security@pagerduty.com | FALSE | FALSE | FALSE | |||
| Palo Alto Networks | https://securityadvisories.paloaltonetworks.com/Report | psirt@paloaltonetworks.com | FALSE | FALSE | FALSE | |||
| Panasonic | https://www.panasonic.com/global/corporate/product-security/sec/psirt/policy.html | https://www.panasonic.com/global/corporate/product-security/sec/psirt/inquiry.html | FALSE | FALSE | FALSE | |||
| Pantheon | https://bugcrowd.com/pantheon | https://bugcrowd.com/pantheon/report | FALSE | FALSE | TRUE | |||
| Panzura | https://panzura.com/support/panzura-security-policy/ | security@panzura.com | FALSE | FALSE | TRUE | |||
| Paragon Initiative Enterprises | https://hackerone.com/paragonie | TRUE | FALSE | TRUE | partial | |||
| Parrot Sec | https://hackerone.com/parrot_sec | FALSE | FALSE | TRUE | ||||
| Passhash | https://hackerone.com/passhash | FALSE | FALSE | TRUE | ||||
| Passit | https://hackerone.com/passit | FALSE | FALSE | TRUE | ||||
| PasteCoin | https://www.pastecoin.com/bug_bounty | support@pastecoin.com | TRUE | FALSE | TRUE | |||
| Payboy | https://payboy.biz/security | security@payboy.biz | FALSE | FALSE | FALSE | partial | ||
| Paychoice | http://www.paychoice.com.au/security/#security-researchers | security@paychoice.com.au | FALSE | FALSE | TRUE | |||
| Paymill | https://developers.paymill.com/guides/security/security-standards | security@paymill.com | FALSE | FALSE | TRUE | |||
| Paypal | https://www.paypal.com/us/webapps/mpp/security-tools/reporting-security-issues | https://www.hackerone.com/ | TRUE | FALSE | TRUE | |||
| Perl | http://perldoc.perl.org/perlsec.html#SECURITY-VULNERABILITY-CONTACT-INFORMATION | perl5-security-report@perl.org | TRUE | FALSE | TRUE | |||
| Personal Capital | https://www.personalcapital.com/responsible-disclosure/ | https://www.personalcapital.com/responsible-disclosure/ | FALSE | FALSE | FALSE | full | ||
| Phabricator | https://hackerone.com/phabricator | TRUE | FALSE | TRUE | ||||
| Philips | https://www.philips.com/a-w/security/coordinated-vulnerability-disclosure.html | productsecurity@philips.com | FALSE | FALSE | TRUE | partial | ||
| Pidgin | http://pidgin.im/security/ | security@pidgin.im | FALSE | FALSE | TRUE | |||
| Pillpack | https://pillpack.responsibledisclosure.com/hc/en-us | https://pillpack.responsibledisclosure.com/hc/en-us/requests/new | FALSE | FALSE | TRUE | |||
| https://bugcrowd.com/pinterest/ | https://bugcrowd.com/pinterest/report | TRUE | FALSE | TRUE | ||||
| Piwik | http://piwik.org/security/ | security@matomo.org | FALSE | FALSE | TRUE | |||
| Plaid | https://hackerone.com/plaid | TRUE | FALSE | TRUE | ||||
| PlanetHoster | https://bugcrowd.com/planethosterinc | https://bugcrowd.com/planethosterinc/report | TRUE | FALSE | TRUE | |||
| Platform161 | https://platform161.com/responsible-disclosure/ | support@platform161.com | FALSE | FALSE | FALSE | partial | ||
| Plugin Alliance | https://www.plugin-alliance.com/en/security.html | https://www.plugin-alliance.com/en/tech-support.html | FALSE | FALSE | FALSE | partial | ||
| Polar SSL | https://tls.mbed.org/bug-bounty-program | support.mbedtls@arm.com | TRUE | FALSE | FALSE | partial | ||
| Poli | https://www.polipayments.com/VulnerabilityDisclosurePolicy | security@polipayments.com | FALSE | FALSE | FALSE | partial | ||
| Pornhub | https://hackerone.com/pornhub | TRUE | FALSE | TRUE | ||||
| PortSwigger Web Security | https://hackerone.com/portswigger | TRUE | FALSE | TRUE | ||||
| PostNL | https://www.postnl.nl/en/responsible-disclosure/ | https://app.zerocopter.com/rd/caff4c53-e588-440b-9b07-c54b8e877c83 | FALSE | TRUE | TRUE | partial | ||
| Postmark | https://postmarkapp.com/support/article/779-responsible-disclosure-policy | https://wildbit.wufoo.com/forms/wildbit-security-response/ | FALSE | TRUE | TRUE | partial | ||
| Postmates | https://hackerone.com/postmates | https://hackerone.com/postmates | TRUE | FALSE | TRUE | |||
| PowerDNS | https://hackerone.com/powerdns | TRUE | FALSE | TRUE | ||||
| Prezi | https://bugbounty.prezi.com/ | security@infogr.am | TRUE | FALSE | FALSE | |||
| Priceline | https://hackerone.com/priceline | https://hackerone.com/priceline | TRUE | FALSE | TRUE | full | ||
| Pro.z | https://go.proz.com/bug-bounty-disclosure-program | security@proz.com | FALSE | FALSE | FALSE | |||
| Proofpoint | https://www.proofpoint.com/us/security | security@proofpoint.com | FALSE | FALSE | TRUE | |||
| Punchh | https://punchh.com/security | https://hackerone.com/79b77b5d-abe5-4210-9d1f-7b63465d1d4e/embedded_submissions/new | FALSE | FALSE | FALSE | |||
| Puppet | https://puppet.com/blog/responsible-disclosure-of-security-vulnerabilities | security@puppetlabs.com | FALSE | FALSE | TRUE | |||
| Puppet Labs | https://puppet.com/security | security-infrastructure@puppet.com | FALSE | FALSE | TRUE | |||
| PureVPN | https://bugcrowd.com/purevpn | https://bugcrowd.com/purevpn/report | TRUE | FALSE | TRUE | |||
| Pushfor | https://pushfor.com/bug-bounty/ | security-report@pushfor.com | TRUE | FALSE | FALSE | |||
| Python | https://www.python.org/news/security/ | security@python.org | TRUE | FALSE | TRUE | |||
| Qiwi | https://www.qiwi.ru/page/hack.action | https://hackerone.com/qiwi | TRUE | FALSE | FALSE | |||
| Qmail | http://cr.yp.to/qmail/guarantee.html | http://cr.yp.to/qmail/guarantee.html | TRUE | FALSE | FALSE | |||
| Qualcomm | https://www.qualcomm.com/connect/contact/security/product-security | product-security@qualcomm.com | FALSE | FALSE | TRUE | |||
| QuantStamp | https://quantstamp.com/legal/responsible-disclosure | security@quantstamp.com | TRUE | FALSE | FALSE | |||
| Quantopian | https://hackerone.com/quantopian | https://hackerone.com/quantopian | TRUE | FALSE | TRUE | |||
| Quest | https://support.quest.com/contact-us/report-security-vulnerability | https://support.quest.com/contact-us/report-security-vulnerability | FALSE | FALSE | FALSE | |||
| Quora | https://hackerone.com/quora | TRUE | FALSE | TRUE | full | |||
| RBKMoney | https://hackerone.com/rbkmoney | FALSE | FALSE | TRUE | ||||
| RBS Help | http://personal.rbs.co.uk/personal/security-centre/responsible-disclosure.html | security.disclosures@rbs.co.uk | TRUE | FALSE | TRUE | |||
| RSK | https://hackerone.com/rsksmart | TRUE | FALSE | TRUE | ||||
| Rackspace | http://www.rackspace.com/information/legal/rsdp | security@rackspace.com | FALSE | FALSE | TRUE | |||
| Rapid7 | https://www.rapid7.com/security/disclosure | https://www.rapid7.com/security/disclosure | FALSE | FALSE | FALSE | |||
| Ratelimited | https://hackerone.com/ratelimited | FALSE | FALSE | TRUE | ||||
| Razer US | https://hackerone.com/razer_us | FALSE | FALSE | TRUE | ||||
| Razorpay | https://razorpay.com/responsible-disclosure/ | security@razorpay.com | FALSE | TRUE | TRUE | full | ||
| RealSelf | https://bugcrowd.com/realself | https://bugcrowd.com/realself | TRUE | FALSE | TRUE | full | ||
| Recargapay | https://hackerone.com/recargapay | TRUE | FALSE | TRUE | ||||
| Recorded Future | https://www.recordedfuture.com/security/ | security@recordedfuture.com | FALSE | TRUE | TRUE | |||
| Red Gate | https://www.red-gate.com/website/legal | security@red-gate.com | FALSE | FALSE | FALSE | partial | ||
| RedHat | https://access.redhat.com/articles/66234 | site-security@redhat.com | FALSE | FALSE | TRUE | |||
| http://code.reddit.com/wiki/help/whitehat | security@reddit.com | FALSE | FALSE | TRUE | ||||
| Redox | https://bugcrowd.com/redox | https://bugcrowd.com/redox/report | TRUE | FALSE | TRUE | full | ||
| Redstor | https://www.redstor.com/en-us/about/vulnerability-disclosure-policy/ | security@redstor.com | FALSE | FALSE | FALSE | |||
| Redtube | https://hackerone.com/redtube | TRUE | FALSE | TRUE | ||||
| Relaso | http://www.relaso.com/disclosure/ | security@relaso.com | TRUE | FALSE | FALSE | partial | ||
| Replicated | https://www.replicated.com/security/ | security@replicated.com | FALSE | FALSE | FALSE | partial | ||
| Research Gate | https://explore.researchgate.net/display/support/Security+and+vulnerability | https://www.researchgate.net/contact | TRUE | FALSE | FALSE | |||
| Resmed | https://www.resmed.com/us/en/consumer/security/disclosure.html | securityreports@resmed.com | FALSE | FALSE | FALSE | |||
| Reverb | https://hackerone.com/reverb | TRUE | FALSE | TRUE | ||||
| Revive Adserver | https://hackerone.com/revive_adserver | FALSE | FALSE | TRUE | ||||
| Ribose | https://www.ribose.com/feedback/security | https://www.ribose.com/feedback/security | FALSE | TRUE | TRUE | |||
| Rietta | https://rietta.com/contact/security/ | security@rietta.com | FALSE | FALSE | FALSE | |||
| Rightmesh | https://www.rightmesh.io/bug-bounty-program | security@rightmesh.io | TRUE | FALSE | FALSE | full | ||
| Riot Games | http://www.riotgames.com/riot-games-security | https://hackerone.com/riot/ | TRUE | FALSE | TRUE | full | ||
| Ripe NCC | https://www.ripe.net/support/contact/responsible-disclosure-policy | security@ripe.net | FALSE | FALSE | TRUE | |||
| Ripple | https://ripple.com/bug-bounty/ | bugs@ripple.com | TRUE | FALSE | FALSE | |||
| Riskalyze | https://www.riskalyze.com/security-response | security@riskalyze.com | FALSE | FALSE | TRUE | |||
| Robeco | https://www.robeco.com/en/responsible-disclosure.html | https://www.robeco.com/en/responsible-disclosure.html | FALSE | FALSE | FALSE | partial | ||
| Robinhood | https://hackerone.com/robinhood | TRUE | FALSE | TRUE | ||||
| Rocket.Chat | https://rocket.chat/docs/contributing/security/responsible-disclosure-policy/ | security@rocket.chat | FALSE | FALSE | TRUE | |||
| RockstarGames | https://hackerone.com/rockstargames | TRUE | FALSE | TRUE | ||||
| Rollbar | https://docs.rollbar.com/docs/responsible-disclosure-policy | security@rollbar.com | FALSE | FALSE | FALSE | |||
| Royal Bank of Scotland | https://personal.rbs.co.uk/personal/security-centre/responsible-disclosure.html | security.disclosures@rbs.co.uk | FALSE | FALSE | TRUE | |||
| Ruby | https://hackerone.com/ruby | TRUE | FALSE | TRUE | ||||
| Ruby on Rails | https://hackerone.com/rails | TRUE | FALSE | TRUE | ||||
| RubyGems | https://hackerone.com/rubygems | TRUE | FALSE | TRUE | ||||
| SAP | https://www.sap.com/about/cloud-trust-center/secure-cloud-storage/security-report.html | secure@sap.com | FALSE | FALSE | TRUE | |||
| SEEK | https://bugcrowd.com/seek | https://bugcrowd.com/seek/report | TRUE | FALSE | TRUE | |||
| SEMRush | https://hackerone.com/semrush | TRUE | FALSE | TRUE | ||||
| SNS Bank | https://www.devolksbank.nl/veiligheid.html | responsible-disclosure@devolksbank.nl | TRUE | FALSE | FALSE | |||
| Sails.js | https://sailsjs.com/security | critical@sailsjs.io | FALSE | FALSE | FALSE | |||
| Salesforce | https://trust.salesforce.com/en/security/responsible-disclosure-policy/ | security@salesforce.com | FALSE | FALSE | TRUE | partial | ||
| Samsung Mobile | https://security.samsungmobile.com/securityReporting.smsb | https://security.samsungmobile.com/securityReporting.smsb | TRUE | FALSE | FALSE | |||
| Samsung SmartTV | https://samsungtvbounty.com/ReportBug.aspx | https://samsungtvbounty.com/ReportBug.aspx | TRUE | FALSE | FALSE | |||
| Sarahny | https://sarahny.com/security.html | security@sarahny.com | FALSE | FALSE | TRUE | full | ||
| ScaleFT | https://www.scaleft.com/company/security/ | security@scaleft.com | FALSE | FALSE | FALSE | |||
| Schuberg Philis | http://www.schubergphilis.com/newsroom/library/downloads-policies/responsible-disclosure-policy/ | abuse@schubergphilis.com | FALSE | TRUE | TRUE | |||
| Scorpionsoft | https://help.scorpionsoft.com/hc/en-us/articles/218315137-What-is-your-Vulnerability-Disclosure-Policy- | security@scorpionsoft.com | FALSE | FALSE | TRUE | |||
| Secure Cyber Future | https://www.securecyberfuture.com/responsible-disclosure | contact@securecyberfuture.com | TRUE | FALSE | TRUE | |||
| SecureDrop | https://bugcrowd.com/freedomofpress | https://bugcrowd.com/freedomofpress/report | TRUE | FALSE | TRUE | |||
| Securedrop | https://bugcrowd.com/freedomofpress | https://bugcrowd.com/freedomofpress/report | TRUE | FALSE | TRUE | |||
| Security Innovation | https://www.securityinnovation.com/about/security/ | security@securityinnovation.com | FALSE | FALSE | FALSE | |||
| Segment | https://bugcrowd.com/segment | https://bugcrowd.com/segment/report | TRUE | FALSE | TRUE | full | ||
| Selify | https://sellfy.com/security/ | https://docs.sellfy.com/contact | FALSE | FALSE | TRUE | |||
| Selz | https://help.selz.com/article/217-security-escalation | security@selz.com | TRUE | FALSE | FALSE | |||
| Semmle | https://hackerone.com/semmle | https://hackerone.com/semmle | TRUE | FALSE | TRUE | |||
| SendSafely | https://www.sendsafely.com/security/bug-bounty | https://www.sendsafely.com/security/bug-report | TRUE | FALSE | TRUE | |||
| Sense | https://sense.com/vulnerability.html | vulnerability@sense.com | FALSE | FALSE | FALSE | partial | ||
| Sentry | https://sentry.io/security/ | security@sentry.io | FALSE | FALSE | TRUE | |||
| Shapeshift | https://corp.shapeshift.io/responsible-disclosure-program/ | security@shapeshift.io | TRUE | FALSE | TRUE | |||
| Shieldox Security LTD | https://hackerone.com/shieldox_security | https://hackerone.com/shieldox_security | FALSE | FALSE | TRUE | |||
| Shipt | https://hackerone.com/shipt | TRUE | FALSE | TRUE | ||||
| Shopify | https://hackerone.com/shopify | https://hackerone.com/shopify | TRUE | TRUE | TRUE | full | ||
| Showmax | https://hackerone.com/showmax | TRUE | FALSE | TRUE | ||||
| Sidefx | https://www.sidefx.com/responsible-disclosure-program/ | security@sidefx.com | FALSE | FALSE | TRUE | partial | ||
| SignalFX | https://www.signalfx.com/trust/security/responsible-disclosure | security@signalfx.com | TRUE | FALSE | TRUE | |||
| Signhost | https://www.signhost.com/responsibility-disclosure | https://app.zerocopter.com/rd/6a1b4322-d483-4509-a8e5-e03f9633cdef | FALSE | FALSE | TRUE | partial | ||
| Signify | https://www.signify.com/global/product-security | lightingproductsecurity@signify.com | FALSE | FALSE | FALSE | |||
| Signup | https://signup.com/responsible-disclosure-policy | security@Signup.com | FALSE | FALSE | TRUE | partial | ||
| Silvergoldbull | https://silvergoldbull.com/bug-bounty/ | https://silvergoldbull.com/bug-bounty/ | TRUE | FALSE | FALSE | full | ||
| Simple | https://bugcrowd.com/simple | https://bugcrowd.com/simple/report | TRUE | FALSE | TRUE | |||
| Simplerisk | https://www.simplerisk.com/responsible_disclosure_policy | security@simplerisk.com | FALSE | FALSE | TRUE | partial | ||
| SiteGround | https://www.siteground.com/term/92.htm | responsible-disclosure@siteground.com | FALSE | FALSE | TRUE | partial | ||
| Skoodat | http://www.skoodat.com/security | security@skoodat.com | FALSE | FALSE | FALSE | |||
| Skuid | http://www.skuidify.com/security | infosec@skuid.com | FALSE | FALSE | FALSE | |||
| Sky TV | https://skytv.custhelp.com/app/answers/detail/a_id/1797/~/responsible-disclosure-guidelines | https://skytv.custhelp.com/app/answers/detail/a_id/1797/~/responsible-disclosure-guidelines | FALSE | FALSE | TRUE | |||
| Skyscanner | https://bugcrowd.com/skyscanner | https://bugcrowd.com/skyscanner/report | TRUE | FALSE | TRUE | full | ||
| Slack | https://slack.com/report-vulnerability | https://hackerone.com/slack | TRUE | FALSE | TRUE | |||
| SmartThings | https://bugcrowd.com/smartthings | https://bugcrowd.com/smartthings/report | FALSE | FALSE | TRUE | |||
| Smartsheet | https://hackerone.com/smartsheet | https://hackerone.com/smartsheet | TRUE | FALSE | TRUE | |||
| Smule | https://hackerone.com/smule | FALSE | FALSE | TRUE | ||||
| Snapchat | https://hackerone.com/snapchat | TRUE | FALSE | TRUE | ||||
| Snyk | https://snyk.io/docs/security | report@snyk.io | TRUE | FALSE | TRUE | partial | ||
| Socrata | https://bugcrowd.com/socrata | https://bugcrowd.com/socrata/report | TRUE | FALSE | TRUE | partial | ||
| Solidus | https://hackerone.com/solidus | https://hackerone.com/solidus | FALSE | FALSE | TRUE | |||
| Solve360 | https://solve360.com/security-response/ | security@norada.com | FALSE | FALSE | TRUE | |||
| Solvinity | https://www.solvinity.com/responsible-disclosure | security@solvinity.com | FALSE | FALSE | FALSE | partial | ||
| Sonatype | http://www.sonatype.com/contact/report-a-security-issue | http://www.sonatype.com/contact/report-a-security-issue | FALSE | FALSE | FALSE | |||
| Sony | https://hackerone.com/sony | FALSE | TRUE | TRUE | ||||
| Sophos | https://bugcrowd.com/sophos | https://bugcrowd.com/sophos/report | TRUE | FALSE | TRUE | |||
| SoundCloud | https://bugcrowd.com/soundcloud | https://bugcrowd.com/soundcloud/report | TRUE | FALSE | TRUE | full | ||
| Souq | https://hackerone.com/souq | TRUE | FALSE | TRUE | ||||
| Sphero | https://support.sphero.com/article/5drs94lhk5-vulnerability-disclosure-program | security@sphero.com | TRUE | TRUE | FALSE | |||
| Splendid Data | https://www.splendiddata.com/responsible-disclosure-policy/ | security-alert@splendiddata.com | FALSE | TRUE | FALSE | |||
| Splitwise | https://blog.splitwise.com/about/responsible-disclosure-special-thanks/ | security@splitwise.com | FALSE | FALSE | TRUE | |||
| Splunk | https://www.splunk.com/goto/report_vulnerabilities | https://www.splunk.com/goto/report_vulnerabilities_global | FALSE | FALSE | FALSE | |||
| Spokeo | https://www.spokeo.com/security | security@spokeo.com | TRUE | TRUE | TRUE | partial | ||
| Spotify | https://www.spotify.com/us/bounty/ | https://hackerone.com/spotify | TRUE | FALSE | TRUE | |||
| Sprout Social | https://bugcrowd.com/sproutsocial | https://bugcrowd.com/sproutsocial/report | FALSE | FALSE | TRUE | full | ||
| Square | https://bugcrowd.com/square | https://bugcrowd.com/square/report | TRUE | FALSE | TRUE | |||
| Square Open Source | https://bugcrowd.com/squareopensource | https://bugcrowd.com/squareopensource/report | TRUE | FALSE | TRUE | |||
| Squid Cache (IBB) | https://hackerone.com/ibb-squid-cache | https://hackerone.com/ibb-squid-cache | TRUE | FALSE | TRUE | |||
| Stack Exchange | https://stackexchange.com/about/security | https://stackexchange.com/about/security | FALSE | FALSE | TRUE | |||
| StackPath | https://bugcrowd.com/stackpath | https://bugcrowd.com/stackpath/report | FALSE | FALSE | TRUE | |||
| Stackla | https://support.stackla.com/hc/en-us/articles/115005937887-Reporting-a-possible-security-vulnerability-to-Stackla | security@stackla.com | FALSE | FALSE | FALSE | |||
| Stageclip | http://www.stageclip.com/terms-of-use-and-privacy-policy/ | talk@stageclip.com | FALSE | FALSE | FALSE | |||
| Stanford University | https://uit.stanford.edu/security/report-incident | https://uit.stanford.edu/security/report-incident | FALSE | FALSE | FALSE | |||
| Starbucks | https://www.starbucks.com/whitehat | https://hackerone.com/starbucks | TRUE | FALSE | TRUE | |||
| Starling Bank Limited | https://hackerone.com/starling_bank | https://hackerone.com/starling_bank | FALSE | FALSE | TRUE | full | ||
| State of Delaware | https://delaware.gov/help/responsible-disclosure.shtml | https://delaware.gov/help/responsible-disclosure.shtml | FALSE | FALSE | FALSE | |||
| StatusPage.io | https://bugcrowd.com/statuspage | https://bugcrowd.com/statuspage/report | TRUE | TRUE | TRUE | |||
| Stellar | https://www.stellar.org/bug-bounty-program/ | security@stellar.org | TRUE | FALSE | TRUE | |||
| Stripe | https://stripe.com/docs/security/stripe | security@stripe.com | TRUE | FALSE | FALSE | |||
| Stryker | https://www.stryker.com/us/en/about/governance/cyber-security.html | ProductSecurity@stryker.com | FALSE | FALSE | FALSE | partial | ||
| Studo | https://studo.co/security | security@moshbit.com | TRUE | FALSE | FALSE | partial | ||
| Summa | https://www.summa.eu/nl/responsible-disclosure | security@summa.eu | FALSE | FALSE | TRUE | full | ||
| SureVine | https://www.surevine.com/responsible-disclosure-policy/ | security@surevine.com | FALSE | FALSE | TRUE | partial | ||
| Sweatco | https://hackerone.com/sweatco_ltd | https://hackerone.com/sweatco_ltd | FALSE | FALSE | TRUE | |||
| Swiftype | https://swiftype.com/security | security@swiftype.com | FALSE | FALSE | FALSE | partial | ||
| Swisscom | https://www.swisscom.ch/en/about/company/portrait/network/security/bug-bounty.html | bug.bounty@swisscom.com | TRUE | FALSE | FALSE | |||
| Symantec | https://www.symantec.com/security-center/vulnerability-management | https://www.symantec.com/security-center/vulnerability-management | FALSE | FALSE | FALSE | |||
| Synack | https://synack.responsibledisclosure.com/hc/en-us | https://synack.responsibledisclosure.com/hc/en-us/requests/new | FALSE | FALSE | TRUE | |||
| TD Ameritrade | https://www.tdameritrade.com/security/security-vulnerability.page | sirt@tdameritrade.com | FALSE | FALSE | FALSE | |||
| TIAA | https://tiaa.responsibledisclosure.com/hc/en-us | https://tiaa.responsibledisclosure.com/hc/en-us/requests/new | FALSE | FALSE | TRUE | |||
| TTS | https://github.com/18F/vulnerability-disclosure-policy/blob/master/vulnerability-disclosure-policy.md | https://hackerone.com/tts | TRUE | FALSE | TRUE | |||
| Take A Lot | https://www.takealot.com/help/responsible-disclosure-policy | security@takealot.com | FALSE | FALSE | FALSE | partial | ||
| Talent Wall | https://talentwall.io/responsible-disclosure/ | security@talentwall.io | FALSE | FALSE | FALSE | partial | ||
| Tapatalk | https://tapatalk.com/security.php | https://www.tapatalk.com/security.php | FALSE | FALSE | FALSE | |||
| Tarsnap | https://www.tarsnap.com/bugbounty.html | cperciva@tarsnap.com | TRUE | FALSE | FALSE | |||
| Team Unify | http://www.teamunify.com/__corp__/security.php | security@teamunify.com | FALSE | FALSE | FALSE | |||
| TechSmith | https://www.techsmith.com/security.html | https://www.techsmith.com/security.html | FALSE | FALSE | FALSE | |||
| Tele2 | https://www.tele2.nl/thuis/internet/veilig-internetten/stappenplan/ | point@tele2.com | FALSE | FALSE | TRUE | partial | ||
| Telefónica Germany | https://bugcrowd.com/telefonicavdp | https://bugcrowd.com/telefonicavdp/report | FALSE | FALSE | TRUE | |||
| Telekom | https://www.telekom.com/en/corporate-responsibility/data-protection-data-security/security/security/closing-security-gaps-360054 | bugbounty@t-mobile.cz | TRUE | FALSE | TRUE | |||
| Telenet | https://www.intigriti.com/public/project/telenet/telenet | https://www.intigriti.com/public/project/telenet/telenet | FALSE | FALSE | TRUE | full | ||
| Tenable | https://www.tenable.com/security/report | vulnreport@tenable.com | FALSE | FALSE | TRUE | |||
| Tencent | http://en.security.tencent.com/ | https://en.security.tencent.com/index.php/report/add | TRUE | FALSE | FALSE | |||
| Tendermint | https://hackerone.com/tendermint | TRUE | FALSE | FALSE | full | |||
| Teradici | https://hackerone.com/teradici | FALSE | FALSE | TRUE | ||||
| Tesla | https://bugcrowd.com/tesla | https://bugcrowd.com/tesla/report | TRUE | FALSE | TRUE | full | ||
| Tezos | https://tezos.com/bugbounty/ | security@tezos.com | TRUE | FALSE | FALSE | full | ||
| The Atlantic | https://www.theatlantic.com/responsible-disclosure-policy/ | security@theatlantic.com | FALSE | FALSE | FALSE | |||
| The Dutch Security Cluster | https://www.thehaguesecuritydelta.com/responsible-disclosure | joris.denbruinen@thehaguesecuritydelta.com | FALSE | FALSE | TRUE | |||
| The Internet | https://hackerone.com/internet | TRUE | FALSE | TRUE | ||||
| The Things Network | https://www.thethingsnetwork.org/responsible-disclosure | johan@thethingsnetwork.org | FALSE | FALSE | TRUE | |||
| Thumbtack | https://help.thumbtack.com/article/responsible-disclosure-policy | security@thumbtack.com | FALSE | FALSE | TRUE | |||
| TicketSwap | https://www.ticketswap.com/content/responsible-disclosure | security@ticketswap.com | FALSE | FALSE | TRUE | partial | ||
| Tinder | https://www.gotinder.com/security | security@gotinder.com | FALSE | FALSE | FALSE | |||
| Tinfoil Security | https://www.tinfoilsecurity.com/security | security@tinfoilsecurity.com | FALSE | FALSE | FALSE | |||
| TomTom | https://hackerone.com/tomtom | https://hackerone.com/tomtom | FALSE | FALSE | TRUE | |||
| TopDesk | https://www.topdesk.com/us/responsible-disclosure/ | security@topdesk.com | FALSE | FALSE | FALSE | |||
| Tor | https://hackerone.com/torproject | TRUE | FALSE | TRUE | ||||
| Toyota | https://hackerone.com/toyota | FALSE | FALSE | TRUE | partial | |||
| TradingView | https://www.tradingview.com/bounty/ | security@tradingview.com | TRUE | FALSE | FALSE | |||
| Transloadit | https://transloadit.com/security/ | support@transloadit.com | FALSE | FALSE | TRUE | |||
| Trello | https://bugcrowd.com/trello | https://bugcrowd.com/trello/report | TRUE | FALSE | TRUE | full | ||
| Trend Micro | https://success.trendmicro.com/vulnerability-response | security@trendmicro.com | FALSE | FALSE | TRUE | |||
| Trezor | https://trezor.io/security/ | https://trezor.io/security/ | TRUE | FALSE | TRUE | partial | ||
| Trint Ltd | https://hackerone.com/trint | https://hackerone.com/trint | FALSE | FALSE | TRUE | full | ||
| Trip Advisor | https://bugcrowd.com/tripadvisor-vdp | https://bugcrowd.com/tripadvisor-vdp/report | FALSE | FALSE | TRUE | full | ||
| Tron Foundation | https://tron.network/findBug | https://hackerone.com/tronfoundation | TRUE | FALSE | FALSE | full | ||
| Trovisio | https://app.trovisio.com/legal?disclosure=disclosure | info@trovisio.com | FALSE | FALSE | TRUE | |||
| Trustpilot | https://hackerone.com/trustpilot | https://hackerone.com/trustpilot | TRUE | FALSE | TRUE | |||
| Tube8 | https://hackerone.com/tube8 | https://hackerone.com/tube8 | TRUE | FALSE | TRUE | |||
| Tuenti | http://corporate.tuenti.com/en/dev/security | https://corporate.tuenti.com/en/contact/security | FALSE | FALSE | TRUE | |||
| Tumblr | https://tumblr.zendesk.com/hc/en-us/articles/234583348-Bug-Bounty-Program | https://www.tumblr.com/support | TRUE | FALSE | TRUE | |||
| Twilio | https://bugcrowd.com/twilio | https://bugcrowd.com/twilio/report | TRUE | FALSE | TRUE | full | ||
| Twintech Solutions | https://twintechsolutions.in/security-research/vulnerability-disclosure/ | security@twintechsolutions.in | FALSE | FALSE | TRUE | |||
| Twitch | https://www.twitch.tv/p/security | https://www.twitch.tv/p/security | FALSE | FALSE | TRUE | |||
| https://hackerone.com/twitter | TRUE | FALSE | TRUE | |||||
| Twizo | https://www.twizo.com/twizo-responsible-disclosure-policy/ | security@twizo.com | FALSE | FALSE | TRUE | partial | ||
| Typo3 | https://typo3.org/teams/security/ | security@typo3.org | FALSE | FALSE | FALSE | |||
| UMA Project | https://hackerone.com/uma_project | https://hackerone.com/uma_project | TRUE | FALSE | TRUE | full | ||
| UNDER ARMOUR | https://bugcrowd.com/underarmour | https://bugcrowd.com/underarmour/report | FALSE | FALSE | TRUE | |||
| USAA | https://bugcrowd.com/usaa | https://bugcrowd.com/usaa/report | TRUE | FALSE | TRUE | |||
| Uber | https://hackerone.com/uber | TRUE | FALSE | TRUE | ||||
| Ubiquiti Networks | https://hackerone.com/ubnt | TRUE | FALSE | TRUE | ||||
| Udemy | https://support.udemy.com/hc/en-us/articles/229232627-Report-a-Security-Vulnerability | https://hackerone.com/udemy | TRUE | FALSE | FALSE | |||
| UiPath | https://hackerone.com/uipath | https://hackerone.com/uipath | FALSE | FALSE | TRUE | |||
| Umbraco | https://umbraco.com/products/umbraco-cms/security/ | security@umbraco.com | FALSE | FALSE | TRUE | |||
| Unikrn | https://hackerone.com/unikrn | TRUE | FALSE | TRUE | partial | |||
| United Airlines | https://www.united.com/web/en-US/content/contact/bugbounty.aspx | bugbounty@united.com | TRUE | FALSE | FALSE | |||
| United Nations | https://unite.un.org/content/hall-fame | infosec@un.org | FALSE | FALSE | TRUE | |||
| Unity3d | https://unity3d.com/fr/security | security@unity3d.com | FALSE | FALSE | FALSE | |||
| Universiteit Leiden | https://www.staff.universiteitleiden.nl/binaries/content/assets/ul2staff/ict/responsible-disclosure-eng.pdf | abuse@leidenuniv.nl | FALSE | FALSE | FALSE | partial | ||
| University of Twente | https://www.utwente.nl/en/cyber-safety/responsible/ | responsible-disclosure@utwente.nl | FALSE | FALSE | TRUE | |||
| Unloq | https://unloq.io/security | https://unloq.io/contact | FALSE | FALSE | FALSE | |||
| Upgrade | https://hackerone.com/upgrade | https://hackerone.com/upgrade | FALSE | FALSE | TRUE | |||
| Upserve | https://upserve.com/security/ | https://hackerone.com/upserve | TRUE | FALSE | TRUE | full | ||
| Upwork | https://bugcrowd.com/upwork | https://bugcrowd.com/upwork/report | TRUE | FALSE | TRUE | |||
| Urban Dictionary | https://hackerone.com/urbandictionary | FALSE | FALSE | TRUE | ||||
| Ushahidi | https://www.ushahidi.com/security | security@ushahidi.com | FALSE | FALSE | FALSE | partial | ||
| VHX | https://hackerone.com/vhx | https://hackerone.com/vhx | TRUE | FALSE | TRUE | partial | ||
| VI Company | https://www.vicompany.nl/legal/responsible-disclosure | support@vicompany.nl | TRUE | FALSE | FALSE | partial | ||
| VK.com | https://hackerone.com/vkcom | TRUE | FALSE | TRUE | ||||
| Valve | https://hackerone.com/valve | TRUE | FALSE | TRUE | ||||
| Vanilla | https://hackerone.com/vanilla | TRUE | FALSE | TRUE | ||||
| Vend | https://www.vendhq.com/us/pos-security | https://hackerone.com/vend | FALSE | FALSE | TRUE | |||
| VeraCrypt | https://hackerone.com/ibb-veracrypt | TRUE | FALSE | TRUE | ||||
| Verizon | https://www.verizon.com/info/reportsecurityissue/?c=2 | https://hackerone.com/verizonmedia | TRUE | FALSE | TRUE | full | ||
| VersionCake | https://hackerone.com/versioncake | FALSE | FALSE | TRUE | ||||
| Viadeo | http://www.viadeo.com/en/securite | security@viadeo.com | FALSE | FALSE | TRUE | |||
| Vimeo | https://hackerone.com/vimeo | https://hackerone.com/vimeo | TRUE | FALSE | TRUE | partial | ||
| Visma | https://www.visma.com/trust-centre/smb/security-and-privacy/operational/responsible-disclosure/ | responsible-disclosure@visma.com | FALSE | FALSE | TRUE | partial | ||
| Vivy | https://hackerone.com/vivy | FALSE | FALSE | TRUE | full | |||
| Vivy | https://hackerone.com/vivy | https://hackerone.com/vivy | FALSE | FALSE | TRUE | full | ||
| Voatz | https://hackerone.com/voatz | TRUE | FALSE | TRUE | full | |||
| Vodafone | https://www.vodafone.nl/over-deze-website/privacy-en-disclaimer/report-security-leak.shtml | https://www.vodafone.nl/over-deze-website/privacy-en-disclaimer/report-security-leak.shtml | FALSE | FALSE | FALSE | |||
| Voys | https://www.voys.nl/security-responsible-disclosure/#rd | security@wearespindle.com | FALSE | FALSE | TRUE | partial | ||
| Vyond | https://help.vyond.com/hc/en-us/articles/360000497723-How-do-I-Report-a-Security-Vulnerability- | security@vyond.com | FALSE | FALSE | TRUE | partial | ||
| WP Engine | https://bugcrowd.com/realself | https://bugcrowd.com/realself | FALSE | FALSE | TRUE | |||
| Wagwalking | https://wagwalking.com/responsible-disclosure | security@wagwalking.com | TRUE | TRUE | TRUE | partial | ||
| Wakatime | https://hackerone.com/wakatime | FALSE | FALSE | TRUE | ||||
| Walmart | https://corporate.walmart.com/privacy-security | https://corporate.walmart.com/article/responsible-disclosure-policy | TRUE | FALSE | FALSE | partial | ||
| Wamba | http://corp.wamba.com/en/developer/security/#form | http://corp.wamba.com/en/developer/security/#form | TRUE | FALSE | FALSE | |||
| Warden | https://warden.co/pages/security/ | hello@warden.co | TRUE | FALSE | FALSE | partial | ||
| WeTransfer | https://wetransfer.com/legal/disclosure | https://app.zerocopter.com/rd/db5b132c-2029-4a24-a7b5-7135502603f2 | TRUE | FALSE | FALSE | partial | ||
| Webconverger | http://webconverger.org/security/ | http://webconverger.org/security/ | FALSE | FALSE | TRUE | |||
| Weblate | https://hackerone.com/weblate | FALSE | FALSE | TRUE | ||||
| Wefact | https://www.wefact.nl/security/ | helpdesk@wefact.nl | TRUE | FALSE | TRUE | partial | ||
| Wepay | https://hackerone.com/wepay | TRUE | FALSE | TRUE | ||||
| Western Union | https://bugcrowd.com/westernunion | https://bugcrowd.com/westernunion/report | TRUE | FALSE | TRUE | full | ||
| Whmcs | https://bugcrowd.com/whmcs | https://bugcrowd.com/whmcs/report | TRUE | FALSE | TRUE | partial | ||
| Wickr | https://wickr.com/security/bug-bounty/ | bugbounty@wickr.com | TRUE | FALSE | FALSE | |||
| Wordfence | https://www.wordfence.com/security/ | security@wordfence.com | FALSE | FALSE | FALSE | |||
| Wordpoints | https://hackerone.com/wordpoints | TRUE | FALSE | TRUE | ||||
| Wordpress | https://wordpress.org/about/security/ | https://hackerone.com/wordpress | FALSE | FALSE | FALSE | |||
| Workgaps | https://www.workgaps.com/disclosure-policy | security@workgaps.com | TRUE | FALSE | FALSE | full | ||
| Workmarket | https://www.workmarket.com/security | security@workmarket.com | FALSE | FALSE | FALSE | |||
| Xen Project | https://www.xenproject.org/security-policy.html | security@xenproject | FALSE | FALSE | FALSE | |||
| Xerox | https://www.xerox.com/perl-bin/formeng.pl?form=product_security_information_request_7285 | https://www.xerox.com/perl-bin/formeng.pl?form=product_security_information_request_7285 | FALSE | FALSE | FALSE | |||
| Xfinity | https://my.xfinity.com/vulnerabilityreport | https://my.xfinity.com/vulnerabilityreport | FALSE | FALSE | FALSE | |||
| Xilinx | https://hackerone.com/xilinx | https://hackerone.com/xilinx | FALSE | FALSE | TRUE | full | ||
| https://www.xing.com/rfc-2350.txt | FALSE | FALSE | FALSE | |||||
| Yammer | https://technet.microsoft.com/en-us/security/dn800983 | https://technet.microsoft.com/en-us/security/dn800983 | TRUE | FALSE | FALSE | |||
| Yandex | https://yandex.com/bugbounty/report/ | https://yandex.com/bugbounty/report/ | TRUE | FALSE | TRUE | |||
| Yelp | https://hackerone.com/yelp | TRUE | FALSE | TRUE | ||||
| Yesware | https://www.yesware.com/security/ | security@yesware.com | FALSE | FALSE | TRUE | partial | ||
| You Need a Budget (YNAB) | https://bugcrowd.com/ynab | https://bugcrowd.com/ynab/report | TRUE | FALSE | TRUE | full | ||
| YouPorn | https://hackerone.com/youporn | TRUE | FALSE | TRUE | ||||
| ZEIT | https://hackerone.com/zeit | https://hackerone.com/zeit | FALSE | FALSE | TRUE | full | ||
| Zarx | https://www.zarx.co.za/rights/terms-and-conditions | info@zarx.co.za | FALSE | FALSE | FALSE | partial | ||
| Zendesk | https://www.zendesk.de/company/policies-procedures/responsible-disclosure-policy/ | https://hackerone.com/zendesk_connect | TRUE | FALSE | TRUE | |||
| Zero Disclo | https://zerodisclo.com/ | https://zerodisclo.com/ | FALSE | FALSE | FALSE | partial | ||
| Zerocopter | https://www.zerocopter.com/en/responsible-disclosure | https://app.zerocopter.com/rd/c83a1fda-b73a-4556-962e-a2bcacb8eb8d | FALSE | FALSE | FALSE | partial | ||
| Zetetic | https://www.zetetic.net/security/ | support@zetetic.net | FALSE | FALSE | FALSE | |||
| Zilliqa | https://bugcrowd.com/zilliqa | https://bugcrowd.com/zilliqa/report | TRUE | FALSE | TRUE | full | ||
| Zimbra | https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy | https://wiki.zimbra.com/wiki/Security_Center | FALSE | FALSE | TRUE | |||
| Zoho | https://bugbounty.zoho.com/bb/info#guide | https://bugbounty.zoho.com/submit | TRUE | FALSE | TRUE | |||
| Zomato | https://www.zomato.com/security | security@zomato.com | TRUE | FALSE | TRUE | full | ||
| Zscaler | https://www.zscaler.com/company/vulnerability-disclosure-program | https://www.zscaler.com/vulnerability-disclosure-form | FALSE | FALSE | FALSE | |||
| Zynga Whitehat | https://bugcrowd.com/zynga-vdp | https://bugcrowd.com/zynga-vdp/report | FALSE | FALSE | TRUE |