Bug Bounty Programs

Below is a list of public bug bounty programs. Through a bug bounty program, companies can tap into a global network of ethical hackers who continuously test a wide range of digital assets within the defined scope.

Bug bounty programs reward ethical hackers with financial incentives when valid vulnerabilities are discovered.

Industry

Program type

Sort by

Search

Uphold

Uphold

Financial Services and Insurance

Uphold is a global digital financial platform that enables users to buy, sell, and trade a wide range of assets, including cryptocurrencies, traditional fiat currencies, and precious metals. Operating in 140+ countries and supporting 300+ assets, Uphold provides secure multi-asset trading, instant transactions, and enterprise financial solutions. As a blockchain business, trust and security are fundamental to our success. Our reputation and brand image depend on maintaining the highest security standards, which is why security is a top priority at Uphold. This bug bounty program is a key part of our commitment to proactively identifying and mitigating security risks before they can impact our users or financial systems. As a researcher, you will be analyzing Uphold’s web applications, APIs, and mobile platforms, which facilitate multi-asset trading, financial transactions, and account management. Your contributions will help protect user funds, ensure transaction integrity, and enhance authentication security in a highly regulated financial environment. Review the program scope, rules of engagement, and testing guidelines carefully before submitting a report. We reward well-documented, high-impact security findings that strengthen the safety of our platform and uphold the trust of our users.

Bug bounty program

Up to €6,000

Soundtrack Your Brand

Soundtrack Your Brand

Media and Entertainment

Soundtrack Your Brand offers music streaming services for businesses. We serve small customers like the café around the corner or larger brands like McDonald’s. Through our service customers have total control over the music and can manage locations across the world. We provide a wide variety of playback options, from mobile apps to custom hardware, that our customers use to play music at their venues. They manage their account, music and locations via our web app.

Bug bounty program

€50 – €3,500

Aikido Security: Zen by Aikido

Aikido Security: Zen by Aikido

Software

Zen by Aikido is an embedded security engine for autonomously protecting applications against common web attacks, like shell injection and SQL injection. We do so by hooking into sinks, validating them together with the incoming user input and in case the request is malicious, we block the request. It's similar to a traditional WAF, but with the full context of the called code and the user's input.

Bug bounty program

€100 – €3,500

Tomorrowland

Tomorrowland

Leisure and Hospitality

Tomorrowland is one of the most-loved and best-known music festivals on the planet. Because of this Tomorrowland usually sells out in minutes and manages a large fanbase. Tomorrowland also innovates by providing its visitors cashless onsite payments and a wide range of online services. This has increased Tomorrowland's digital footprint. We value all help we can get securing this digital footprint.

Bug bounty program

Up to €2,500

OVO VDP

OVO VDP

Energy Utilities and Waste

Who is OVO? - We launched in 2009 with a belief that energy could be better. We’re helping UK homes on the Path to Zero. https://www.ovoenergy.com/about What do we do? - OVO is a leading energy technology company determined to create a world with clean, affordable energy for everyone. Relationship to bug bounty? - No technology is perfect and OVO believes that working with skilled security researchers across the globe is crucial in identifying weaknesses in any technology.

Responsible disclosure

SimScale

SimScale

Manufacturing Consumer

SimScale is a browser-based, online engineering simulation platform that provides powerful modeling and simulation capabilities. With in-browser 3D visualization, scalable on-demand computing capacity, the SimScale platform enables a new way of using simulation technology. SimScale integrates a broad variety of simulation software tools for structural mechanics, fluid dynamics, and thermodynamics. The SimScale team and our partners are constantly expanding the features of the platform.

Bug bounty program

€250 – €6,000

De Lijn

De Lijn

Transportation and Logistics

De Lijn is the Flemish public transportation company dedicated to giving their customers a comfortable and quick ride. Due the fact that we use the latest IT equipment and servers is our security ought to be at the top of our game. For this program we are putting the focus at our web clients, APIs and of course the mobile application.

Responsible disclosure

Digitaal Vlaanderen

Digitaal Vlaanderen

Public Services

"Digitaal Vlaanderen" is the IT and digital transformation departement within the Flanders’ governmental IT. Positioned as the digital gateway and data broker between all Flemish government entities, we want to be at the top of our game. Our security ought to be too. For this program we are focusing at first instance on some of our main assets.

Responsible disclosure

Venly

Venly

Software

Venly is a blockchain technology company providing developer-friendly solutions to help businesses seamlessly integrate Web3 capabilities into their applications. Our mission is to make blockchain accessible for everyone by offering secure, scalable, and easy-to-use tools for developers, enterprises, and end users. With a strong focus on user experience, security, and innovation, Venly delivers a suite of blockchain infrastructure solutions, including: * Venly Wallet – A secure, multi-chain digital wallet solution with a user-friendly UI and developer API for seamless blockchain asset management. * Venly NFT Tools – A complete NFT suite enabling brands and game developers to integrate digital collectibles effortlessly. * Venly Onboarding Solutions – Secure authentication and blockchain identity solutions that simplify Web3 adoption. Venly’s enterprise-grade security and compliance standards ensure businesses can safely leverage blockchain technology while maintaining top-level security and regulatory alignment. Our tools are trusted by global brands, gaming studios, and financial institutions to power next-generation decentralized applications. This program focuses primarily on Venly Wallet UI and Wallet API, which provide secure and accessible blockchain wallet solutions for businesses and users worldwide.

Bug bounty program

€50 – €5,000

DataCamp

DataCamp

Education

DataCamp’s mission is to democratize data skills for everyone. Companies and teams of every size use DataCamp to close their data skill gaps and make better data-driven decisions. Data science and analytics are rapidly shaping every aspect of our lives and our businesses. There is incredible power in data—but only if you know what to do with it. DataCamp teaches 1,600+ companies and 7 million individuals from 180+ countries the skills they need to work with data in the real world.

Bug bounty program

€25 – €1,500

Grafana Labs

Grafana Labs

Software

Grafana Labs is the company behind Grafana, Loki, Mimir and Tempo, the leading open source software for visualizing operational data. We are thrilled to invite you to participate in our bug bounty program in partnership with Grafana Labs' security team. Before beginning your research, we kindly request that you carefully review this program's scope. This will ensure that your efforts align with our objectives and that you receive proper compensation for any findings that meet the program's criteria. Happy hacking!

Bug bounty program

$10 – $15,000

RIPE NCC

RIPE NCC

Non Profit

We're an independent, not-for-profit membership organisation that supports the infrastructure of the Internet through technical coordination in our service region. Our most prominent activity is to act as the Regional Internet Registry (RIR) providing global Internet resources and related services (IPv4, IPv6 and AS Number resources) to members in our service region.

Bug bounty program

Up to €2,000

Ninja Kiwi Games Bug Bounty program

Ninja Kiwi Games Bug Bounty program

Media and Entertainment

Creators of hit computer game franchises Bloons, Bloons TD and SAS: Zombie Assault for mobile and web. We have offices in Auckland, New Zealand and Dundee, Scotland. We are excited to engage with the security community to help us keep our users safe and our services secure. This is our second Bug Bounty program after a successful campaign in 2021.

Bug bounty program

€75 – €4,125

Yahoo Bug Bounty

Yahoo Bug Bounty

Manufacturing Consumer

Welcome to Yahoo Yahoo is a global media and advertising company connecting people to their passions. With one of the largest online audiences in the world, Yahoo brings people closer to what they love — from finance and commerce, to gaming and news — with the trusted products, content, and tech that fuel their day. For partners, we provide a full-stack platform to amplify businesses and drive more meaningful connections across advertising, search, and media.

Bug bounty program

$100 – $15,000

Ubisoft VDP

Ubisoft VDP

Media and Entertainment

Ubisoft is a leading video game company, the creators of original and immersive worlds like Assassin's Creed, Far Cry, The Crew, Rainbow Six and Watch Dogs. We welcome the reporting of security vulnerabilities that would help us protect our players and assets.

Responsible disclosure

Red Bull

Red Bull

Manufacturing Consumer

Red Bull appreciates the work of security researchers to make the internet a better - and more secure - place. Even though we aim to prevent security issues by applying state-of-the art development and operations processes, systems and technical services outside our direct control might have vulnerabilities and weaknesses and we aim to identify and address those before any negative impact occurs. As appreciation we have a unique reward system in place, please see FAQ for more information.

Responsible disclosure

Veriff Bug Bounty

Veriff Bug Bounty

Software

At Veriff we are passionate about creating a safer environment online. Our mission is to bring transparency to the digital world. We take the security of our systems seriously, and we value the security community. The disclosure of security vulnerabilities helps us ensure the security and privacy of our users. We ask all researchers to follow the guidelines provided.

Bug bounty program

€5 – €6,000

Intergamma

Intergamma

Retail

Intergamma is the biggest DIY retailer of The Netherlands and Belgium with three brands: GAMMA Nederland, GAMMA België, and KARWEI. We have almost 400 DIY stores and operate three eCommerce websites. Our strategy is to be the best omnichannel retailer of the Netherlands and Belgium. This means offline and online are converging, and eCommerce is a growth market. Therefore a secure platform is paramount. For more information on our organization please visit https://www.intergamma.nl/

Bug bounty program

€50 – €5,500

Moralis VDP

Moralis VDP

Software

Moralis is a blockchain technology platform providing developers with backend infrastructure for building and scaling decentralized applications (dapps). This page is a safe way for you to communicate found bugs in a responsible way. All contributions are highly appreciated.

Responsible disclosure

Newpharma

Newpharma

Retail

Newpharma is the largest online pharmacy in Belgium. It was the first to dispense medicines over the internet without a prescription in Belgium. Newpharma also offers you a broad range of drugstore products: cosmetics, natural and well-being products and specialist products for babies, children or the elderly at low prices throughout the year. Important note: Please limit your automated tools to 1 request/sec. DDoS or brute force attacks are strictly forbidden!

Bug bounty program

T&C Required

Application Required

€50 – €5,000

Monzo Public Bug Bounty Program

Monzo Public Bug Bounty Program

Financial Services and Insurance

Welcome to the Monzo public bug bounty program! 🚀 At Monzo we aim to create a banking service that makes our customers financial lives better and easier. Our mantra is “make money work for everyone” and we mean it! 👍 We have created several apps to provide intuitive, helpful, and enjoyable experiences across our range of products 💖. We won’t sacrifice security though! So if you find a security bug in one of our apps or services, this is the place to report it! Happy hunting!

Bug bounty program

£125 – £12,500

Sqills

Sqills

Transportation and Logistics

Sqills provides the leading inventory, reservation, and ticketing system for the bus and rail industry – S3 Passenger. At Sqills we are on a constant journey of innovation, discovery and global market leadership. Our corporate website provides general information about Sqills.

Sustainable

Bug bounty program

Up to €2,500

WP Engine Bug Bounty

WP Engine Bug Bounty

Media and Entertainment

Welcome! WP Engine invites you to evaluate our products and platforms. WP Engine equips its customers with a suite of agility, performance, intelligence, and integration solutions, so you can build and deploy a range of online experiences from campaign sites to content hubs to e-commerce extensions. Good luck and happy hunting!

Bug bounty program

Up to €2,500

Oda

Oda

Retail

Oda.com and Mathem.se is the leading online grocery storesin Norway and Sweden.

Bug bounty program

€75 – €4,000