Reward Program
- Avast! - http://www.avast.com/bug-bounty
- Barracuda - http://barracudalabs.com/
- Coinbase - https://coinbase.com/whitehat
- Chromium Project - http://www.chromium.org/
- CrowdShield - https://crowdshield.com/
- Cryptocat - https://crypto.cat/bughunt/
- Facebook - http://www.facebook.com/whitehat/
- Etsy - http://www.etsy.com/help/article/2463
- Gallery - http://codex.gallery2.org/Bounties
- Ghostscript - http://ghostscript.com/Bug_bounty_program.html(Mostly software development, occasional security issues)
- Google -http://www.google.com/about/company/rewardprogram.html
- Hex-Rays - http://www.hex-rays.com/bugbounty.shtml
- IntegraXor (SCADA) - http://www.integraxor.com/blog/integraxor-hmi-scada-bug-bounty-program
- LaunchKey - https://launchkey.com/docs/whitehat
- Marktplaats - http://statisch.marktplaats.nl/help/
- Mega.co.nz - http://thenextweb.com/insider/2013/02/01/kim-dotcom-puts-up-13500-bounty-for-first-person-to-break-megas-security-system/
- Meraki - http://www.meraki.com/trust/#srp
- Microsoft - http://www.microsoft.com/security/msrc/report
- Mozilla - http://www.mozilla.org/security/bug-bounty.html
- Paypal -https://www.paypal.com/us/webapps/mpp/security/reporting-security-issues
- PikaPay - https://www.pikapay.com/pikapay-security-policy/
- Piwik - http://piwik.org/security/
- Ricebridge - http://www.ricebridge.com/bugs.htm (Only available to customers)
- Ripple - https://ripple.com/bug-bounty/
- Samsung - https://samsungtvbounty.com/
- Simple - https://www.simple.com/policies/website-security/
- Tarsnap - https://www.tarsnap.com/bugbounty.html
- Qiwi - https://www.qiwi.ru/page/hack.action
- Qmail - http://cr.yp.to/djbdns/guarantee.html
- Yandex - http://company.yandex.com/security/index.xml
- Zerobrane - http://notebook.kulchenko.com/zerobrane/zerobrane-studio-bug-bounty
Product & Services (Hall Of Fame Only)
- Acquia - https://www.acquia.com/how-report-security-issue
- ActiveProspect - http://activeprospect.com/activeprospect-security/
- Adobe - http://www.adobe.com/support/security/alertus.html
- Amazon.com (retail) - please email details to security@amazon.com
- Android Free Apps - http://www.androidfreeapp.net/security-researcher-acknowledgments/
- Apple - http://support.apple.com/kb/HT1318
- Blackberry -http://us.blackberry.com/business/topics/security/incident-response-team/collaborations.html
- Braintree - https://www.braintreepayments.com/developers/disclosure
- Card - https://www.card.com/responsible-disclosure-policy
- cPaperless - http://www.cpaperless.com/securitystatement.aspx
- Chargify - https://chargify.com/security/
- DiMartino Entertainment -http://moosikay.dimartinoentertainment.com/site/credits/
- eBay - http://pages.ebay.com/securitycenter
- EVE - http://community.eveonline.com/devblog.asp?a=blog&nbid=2384
- Evernote - http://evernote.com/security/
- Foursquare - https://foursquare.com/about/security
- Freelancer - http://www.freelancer.com/info/vulnerability-submission.php
- Future Of Enforcement - http://futureofenforcement.com/?page_id=695
- Gitlab - http://blog.gitlab.com/responsible-disclosure-policy/
- Gliph - https://gli.ph/s/security.html
- HakSecurity - http://haksecurity.com/special-thanks/
- Harmony - http://get.harmonyapp.com/security/
- Heroku - https://www.heroku.com/policy/security-hall-of-fame
- Iconfinder -http://support.iconfinder.com/customer/portal/articles/1217282-responsible-disclosure-of-security-vulnerabilities
- Kaneva - http://docs.kaneva.com/mediawiki/index.php/Bug_Bounty
- Kayako - https://my.kayako.com/
- Lastpass - https://lastpass.com/support_security.php
- Mahara - https://wiki.mahara.org/index.php
- MailChimp - http://mailchimp.com/about/security-response/
- Microsoft (Online Services) - http://technet.microsoft.com/en-us/security/cc308589
- Netflix - http://support.netflix.com/en/node/6657#gsc.tab=0
- Nokia - http://www.nokia.com/global/security/acknowledgements/
- Nokia Siemens Networks -http://www.nokiasiemensnetworks.com/about-us/responsible-disclosure
- Norada - http://norada.com/crm-software/security_response
- Owncloud - http://owncloud.org/about/security/hall-of-fame/
- Opera - https://bugs.opera.com/wizarddesktop/
- Oracle - http://:oracle.com/technetwork/topics/security
- Puppet Labs - https://puppetlabs.com/security/acknowledgments/
- RedHat - https://access.redhat.com/knowledge/articles/66234
- Risk.io - https://www.risk.io/security
- Security Net - http://www.securitynet.org/security-researcher-acknoledgments/
- Sellfy - https://sellfy.com/security/
- Spotify - https://www.spotify.com/us/about-us/contact/report-security-issues/
- Sprout Social - http://sproutsocial.com/responsible-disclosure-policy
- Telekom - http://www.telekom.com/corporate-responsibility/security/186450
- Thingomatic - http://thingomatic.org/security.html
- 37signals - https://37signals.com/security-response
- Tuenti - http://corporate.tuenti.com/en/dev/hall-of-fame
- Twilio - https://www.twilio.com/docs/security/disclosure
- Twitter - https://twitter.com/about/security
- WizeHive - http://www.wizehive.com/special_thanks.html
- Xmarks - https://buy.xmarks.com/security.php
- Zendesk - http://www.zendesk.com/company/responsible-disclosure-policy
- Zynga - http://company.zynga.com/security/whitehats
Product & Services (No Reward)
- Amazon Web Services (AWS) -http://aws.amazon.com/security/vulnerability-reporting
- Apriva - http://www.apriva.com/security
- Authy - https://www.authy.com/security-issue
- Blackboard - http://www.blackboard.com/footer/security-policy.aspx
- Box - https://www.box.com/about-us/security/
- Cisco -http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html#roosfassv
- Cloudnetz - http://cloudnetz.com/Legal/vulnerability-testing-policy.html
- Contant Contact - http://www.constantcontact.com/about-constant-contact/security/report-vulnerability.jsp
- Coupa - http://trust.coupa.com/home/security/coupa-vulnerability-reporting-policy
- Drupal - https://drupal.org/security-team
- EMC2 - http://www.emc.com/contact-us/contact/product-security-response-center.htm
- Emptrust - http://www.emptrust.com/Security.aspx
- Heroku - https://www.heroku.com/policy/security-hall-of-fame
- HTC - http://www.htc.com/us/terms/product-security/
- Huawei - http://www.huawei.com/en/security/psirt/report-vulnerabilities/index.htm
- IBM - http://www-03.ibm.com/security/secure-engineering/report.html
- KPN - http://www.kpn.com/Privacy.htm#tabcontent3
- Lievensberg Hospital -http://www.lievensbergziekenhuis.nl/paginas/141-disclaimer.html
- LinkedIn - http://help.linkedin.com/app/answers/detail/a_id/37022
- Lookout - https://www.lookout.com/responsible-disclosure
- Millsap Independent School District -http://www.millsapisd.net/BugReport.cfm
- Modus CSR - http://www.moduscsr.com/security_statement.php
- PagerDuty - http://www.pagerduty.com/security/disclosure/
- Panzura - http://panzura.com/support/panzura-security-policy/
- Pidgin - http://pidgin.im/security/
- Plone - http://plone.org/products/plone/security/advisories
- Pop Group - http://www.popgroupglobal.com/security.php
- Reddit - http://code.reddit.com/wiki/help/whitehat
- Relaso - http://relaso.com/disclosure
- Salesforce -http://www.salesforce.com/company/privacy/security.jsp#vulnerability
- Simplify - http://simplify-llc.com/simplify-security.html
- Skoodat - http://www.skoodat.com/security
- Scorpion Software -http://www.scorpionsoft.com/company/disclosurepolicy/
- Square - https://squareup.com/security/levels
- Symantec - http://www.symantec.com/security/
- Team Unify - http://www.teamunify.com/__corp__/security.php
- Tele2 - http://www.tele2.nl/klantenservice/veiligheid/tele2-en-veiligheid.html
- T-Mobile (Netherlands) - http://www.t-mobile.nl/Global/media/pdf/privacy_statement_juni_2012.pdf
- UPC -http://www.upc.nl/internet/veilig_internet/beveiligingsproblemen/
- Viadeo - http://www.viadeo.com/aide/security/
- Vodafone (Netherlands) - http://over.vodafone.nl/vodafone-nederland/privacy-veiligheid/beveiliging-en-bescherming/wat-doet-vodafone/meld-een-beveilig
- VSR - http://www.vsecurity.com/company/disclosure
- X.commerce - http://www.x.com/security
- Xen - http://www.xen.org/projects/security_vulnerability_process.html
- Ziggo - https://www.ziggo.nl/#klantenservice/internet/risicos-op-internet/meldpunt-beveiligingslekken
FreedomPop is the #1 COMPLETELY FREE mobile phone provider.
ReplyDeleteWith voice, SMS & data plans are priced at £0.00/month.
Been using AVG protection for a couple of years, and I'd recommend this solution to everyone.
ReplyDeleteYoBit allows you to claim FREE CRYPTO-COINS from over 100 unique crypto-currencies, you complete a captcha once and claim as much as coins you want from the available offers.
ReplyDeleteAfter you make about 20-30 claims, you complete the captcha and continue claiming.
You can click claim as much as 30 times per one captcha.
The coins will held in your account, and you can convert them to Bitcoins or USD.