Select your target from one of the public bug bounty programs below

Canada Post + Purolator - Responsible Disclosure Program

Responsible disclosure

Canada Post is the country’s leading provider of business-to-consumer delivery. Reaching more than 16.2 million addresses, and operating the country’s largest retail network of over 6,200 post offices. Purolator is Canada’s leading integrated freight, parcel and logistics solutions provider. Purolator continues to expand its reach and renowned service levels and reliability to more people, more businesses and more places across the country and around the world.

Torfs

Up to €7,500

Torfs - the well-known shoe retailer in Belgium - is still a 100% family business today. This family character guarantees a number of important values within the company where employees are central. A head office in Sint-Niklaas and a spectacular distribution center in Temse offer support to the points of sale and customers of the E-Commerce website. With more than 80 stores in Flanders, 2 shops in the French part of Belgium and a growing online shop in Belgium, The Netherlands and several marketplaces, Torfs wants to be and remain the most customer-friendly optichannel shoe store chain.

SimScale

€25 ‐ €3,000

SimScale enables engineering teams to access accurate and fast simulation, on their terms, without compromises. We make engineering simulation technically and economically accessible from everywhere, at any time, and at any scale, in the cloud. We deliver instant access to fluid, thermal, and structural simulation to over 300,000 users. With SimScale, engineering simulation has moved from a complex and cost-prohibitive desktop application to an inclusive, agile, cloud-native simulation platform.

De Volkskrant

Up to €2,000

De Volkskrant is a Dutch daily morning newspaper. Founded in 1919, it has a nationwide circulation of about 250,000 papers per day.

Sustainable

Port of Antwerp

Responsible disclosure

The Antwerp Port Authority has a key role in the port's day-to-day operation. The Port Authority manages and maintains the docks, the bridges, the locks, the quay walls and the land. The personnel is also responsible for safe shipping traffic in the docks, the bridges and locks. In addition, the Port Authority provides tugs and cranes, carries out dredging work and promotes the port at home and abroad.

Sustainable

Visma

€100 ‐ €7,500

Visma delivers software that simplifies and digitizes core business processes in the private and public sector. With presence across the entire Nordic region along with Benelux, Central and Eastern Europe, we are one of Europe’s leading software companies. We want to engage with responsible security researchers around the globe to further secure our services. No code is flawless and we believe that taking part in the Intigriti community can help us improve the security of our systems.

Intel®

$500 ‐ $100,000

Intel® Bug Bounty Program Security is a collaboration... Intel Corporation believes that forging relationships with security researchers and fostering security research is a crucial part of our Security First Pledge. We encourage security researchers to work with us to mitigate and coordinate the disclosure of potential security vulnerabilities.

Mastodon

€1,000 ‐ €20,000

Mastodon is a free, open-source social network server based on ActivityPub where users can follow friends and discover new ones. On Mastodon, users can publish anything they want: links, pictures, text, video. All Mastodon servers are interoperable as a federated network (users on one server can seamlessly communicate with users from another one, including non-Mastodon software that implements ActivityPub)

Cyber Security Coalition

Responsible disclosure

The Cyber Security Coalition is a unique partnership between players from the public and private sector to join forces in the fight against cybercrime. We are bringing together the skills and expertise of members on a trust-based platform. A lot of information is publicly available on our website but there is also protected data not publicly viewable. We are a reference in security and it is obvious that our website should be secure! We are happy to have your help in finding any vulnerabilities!

Newpharma

€50 ‐ €5,000

Newpharma is the largest online pharmacy in Belgium. It was the first to dispense medicines over the internet without a prescription in Belgium as soon as it was given authorisation in February 2009. Newpharma also offers you a broad range of drugstore products: cosmetics, natural and well-being products and specialist products for babies, children or the elderly at low prices throughout the year.

Apply to program

Application Required

Soundtrack Your Brand

€50 ‐ €2,500

Soundtrack Your Brand offers music streaming services for businesses. We serve small customers like the café around the corner or larger brands like McDonald’s. Through our service customers have total control over the music and can manage locations across the world. We provide a wide variety of playback options, from mobile apps to custom hardware, that our customers use to play music at their venues. They manage their account, music and locations via our web app.

Apply to program

Application Required

WP Engine

Responsible disclosure

WP Engine invites you to test the WP Engine and Flywheel Digital Experience Platforms. WP Engine equips its customers with a suite of agility, performance, intelligence, and integration solutions, so you can build and deploy a range of online experiences from campaign sites to content hubs to e-commerce extensions. Good luck and happy hunting!

Sustainable

Hoplr

Responsible disclosure

Hoplr is the social network for inclusion and citizen engagement. As a social network we consider the safety and continuity of our online services as one of our top priorities. Our team is continually working to optimize our systems and processes, yet despite all the efforts we make to secure our systems, vulnerabilities may still be present. We are happy with your help to further improve our systems and to protect our users and customers even better.

IAM KU Leuven

Up to €2,500

KU Leuven uses a central identity management platform to manage the accounts of its 32k employees and 115k students (up to 500k accounts known irrespective of access rights). Most of the web applications can be accessed via a central login system, which authenticates the user and communicates their identity and access rights to the web application. Recently KU Leuven introduced a strong authentication method named "KU Leuven authenticator" based on n-Auth technology. We challenge you to find the bugs in our IAM system! If you find any, we will be more than happy to pay the bounty!

Uphold.com

Up to €4,000

At Uphold, we make it easy to buy and sell any major digital currency. You can invest, transfer or send/receive between many cryptocurrencies, traditional currencies and precious metals. Our digital money app is slick, easy, and secure.

Tomorrowland

Up to €2,500

Tomorrowland is one of the most-loved and best-known music festivals on the planet. Because of this Tomorrowland usually sells out in minutes and manages a large fanbase. Tomorrowland also innovates by providing its visitors cashless onsite payments and a wide range of online services. This has increased Tomorrowland's digital footprint. We value all help we can get securing this digital footprint.

Online enrollment for students

Up to €2,500

The online enrollments application allows students to apply for educational programs at the university or at university colleges. Every year approximately 40.000 applicants enter their personal information and educational preferences into this application. We challenge you to find the bugs in our online enrollment application.

Algemeen Dagblad

Up to €2,000

With around 900 editors Algemeen Dagblad (AD) has become the largest journalistic organization in the Netherlands, offering both national and extensive regional news coverage.

Sustainable

Tomorrow

€15 ‐ €4,000

Conventional banks use your money to invest massively in coal power, weapons and other damaging industries – without ever asking your permission. We use your money exclusively to invest in sustainable projects. Tomorrow offers the comfort of digital banking – without compromising your values. We use smart technologies that make your daily life easier while contributing to a better future.

VRT

€25 ‐ €1,500

Flemish Radio and Television Broadcasting Organization bugbounty program

Jooki

Responsible disclosure

Jooki by Muuselabs - the IoT speaker for kids Jooki is a music player that kids can independently use in a safe and screen-free environment. Upload your own content for offline use or listen online to your favourite Spotify playlists or web radios. Jooki has WiFi, Bluetooth, a microphone, speakers, NFC tags, voicemail service... Right now we are not offering monetary awards, but notable exploits will be rewarded with a Jooki 2 when they become available in Q3-2020.

Sustainable

NxtPort

Responsible disclosure

NxtPort's main goal is to unlock the potential of sharing existing data amongst supply chain members. The NxtPort Data Utility Platform allows faster, more cost-effective, as well as more efficient transfers of data between the different players. The platform creates more transparency in the whole logistics process. NxtPort aims to increase operational efficiency, safety and revenue.

cLabs

$50 ‐ $3,750

cLabs supporting $CELO cryptocurrency in building financial technology to enable prosperity for all

Sustainable

Visma Responsible Disclosure

Responsible disclosure

Visma delivers software that simplifies and digitizes core business processes in the private and public sector. With presence across the entire Nordic region along with Benelux, Central and Eastern Europe, we are one of Europe’s leading software companies. We want to engage with responsible security researchers around the globe to further secure our services. This program is dedicated for all Visma assets (services, products, web properties).

KU Leuven Responsible Disclosure

Responsible disclosure

We are happy to announce our Responsible Disclosure program! KU Leuven has a very diverse web landscape. Keeping this environment and the data it contains as secure as possible is an ongoing effort. We would like to invite you to help us with this effort.

Het Parool

Up to €2,000

Het Parool is a Dutch regional newspaper that started in the Second World War as a social-democratic tinted resistance newspaper.

Digitaal Vlaanderen

Responsible disclosure

"Digitaal Vlaanderen" is the IT and digital transformation departement within the Flanders’ governmental IT. Positioned as the digital gateway and data broker between all Flemish government entities, we want to be at the top of our game. Our security ought to be too. For this program we are focusing at first instance on some of our main assets.

Sustainable

Telenet - Base

€50 ‐ €2,500

At Telenet we place great importance on the security of our systems and data. Despite the measures we take to optimise our security, it is nevertheless possible that something will slip through the net. The brands that are part of Telenet group are Telenet, Base and Nextel. Should you discover a security problem, we have a system in place for you to report it to us in a responsible way. We are happy to have your help to improve our systems and protect our customers even better.

Cross Border Fines

Up to €1,000

The application that coordinates the sending of the traffic fines document to the citizens and the reconciliation of the payments.

Apply to program

Application Required

Twago

Responsible disclosure

Twago is the leading platform for online work in Europe. On Twago, individuals or companies of all sizes find the experts they need for projects, and freelancers and agencies find work and grow their businesses.

Showpad

Up to €3,000

Today’s buyers don’t have time for unprepared sellers. Buyers expect sales conversations that drive value and provide insights. Showpad surfaces content and training to salespeople in the context of their everyday work – and for every sales opportunity. All in a single platform designed to maximize sales productivity and empower sellers to exceed buyer expectations. Let out your inner corporate spy and get paid to steal your competitor's confidential data from our platform!

Apply to program

Application Required

BCC

€10 ‐ €2,500

BCC has been around since 1969 and with 61 stores is one of the largest and most successful electro retailers in the Netherlands. In addition to our physicial stores we have a high-traffic e-commerce platform. BCC is part of the Mirage Retail Group.

Hardware Info

Up to €2,000

Since its establishment in 1999, Hardware Info has been informing consumers in the Netherlands and Belgium about computer hardware and consumer electronics. Part of Hardware Info is a leading test lab, where more than 1500 products are tested professionally every year. In the test lab, the editors of Hardware Info have professional testing equipment at their disposal in order to be able to give as professional an opinion as possible about products. Based on the test results, we publish extensive comparison tests, but also in-depth single product reviews. The PC Advice systems are, as far as possible, also put together based on well-tested products. Editorial independence is of paramount importance at Hardware Info: that is why the commercial exploitation of the website is strictly separate from the editors. In addition to the website, Hardware Info also appears as a magazine six times a year. Hardware Info has been part of De Persgroep Online Services B.V. since September 2016.

GlobalSign

€50 ‐ €3,000

GlobalSign is one of the world's largest identity services company providing cloud-based, highly scalable PKI solutions. Because GlobalSign is trusted by software suppliers, browsers, operating system vendors and governments we are a high-interest target for criminal organizations and nation-state actors. For that reason, we are launching a bug bounty program to have additional and independent insights in our perimeter security posture.

T&C Required

Mobile Vikings

Up to €5,000

True Vikings never entered the battlefield without their helmets. And we believe a secure environment, just like free access to open communication, is a worldwide human right. But even the best Viking Drakkars may sometimes encounter vulnerabilities. Brave sailors who discover leaks should be honored - not executed. Together with you and our broad community, we want to create a secure and safe environment for everyone.

Het Laatste Nieuws

Up to €2,000

HLN.be is the number one news site in Flanders. 24/7 news with a focus on current events, sports and entertainment. The editors know how to keep their finger on the pulse at all times: on average every 4 minutes a new article appears on the news site. Readers consume their news more and more fragmented through their social media, so it is important for HLN to stay top of mind with its own app.

Sustainable

Sqills

Up to €2,500

Sqills provides the leading inventory, reservation, and ticketing system for the bus and rail industry – S3 Passenger. At Sqills we are on a constant journey of innovation, discovery and global market leadership. Our corporate website provides general information about Sqills.

Napoleon Games NV

€50 ‐ €10,000

Napoleon Games is the Belgian leading gambling website where your can play several types of games: www.napoleoncasino.be, www.napoleondice.be, www.napoleonsports.be etc. Napoleon Games is a legal and safe website and is approved by the Belgian Gaming Commission.

De Lijn

Responsible disclosure

De Lijn is the Flemish public transportation company dedicated to giving their customers a comfortable and quick ride. Due the fact that we use the latest IT equipment and servers is our security ought to be at the top of our game. For this program we are putting the focus at our web clients, APIs and of course the mobile application.

Sustainable

intigriti

€200 ‐ €13,337

At intigriti, we practice what we preach. We’ve built the platform with the greatest care and attention for security, but all software contains bugs and we are no exception to this rule. We encourage you to responsibly disclose any security vulnerabilities they may encounter and will reward you accordingly.

Student Assessment System

Up to €2,500

The Student Assessment System (internally referred to as the Print&Scan application) is a tool for processing multiple choice exams. The inputs for the tool are a file containing user information, a file containing student's answers to the multiple choice exam and and the correct answers. After processing the files, the tool presents the user with some statistics about the exam, as wel as the calculated scores for the students. Each year about 1000 exams are processed using this tool, grading over 50.000 students. Since the results of this tool are used to determine whether students are able to graduate, it is important that it is secure. We challenge you to find the bugs in our Print&Scan tool.

Aleacsys Online BV

€50 ‐ €10,000

Wimigames are different games, compared to the majority of games available on napoleongames.be.

Sustainable

Nexuzhealth

Up to €4,000

Website + Android Apps + iOS Apps Android Apps KWS Companion The application is only to be used by doctors and no logon information will be given. mynexuz CPV The application is only to be used by personnel of UZ Leuven responsible for transport of patients and no logon information will be given. mynexuzhealth app This application is intended to be used by patients in order to consult their private data, their doctors & appointments and more. Login: see below. iOS Apps KWS Companion The application is only to be used by doctors and no logon information will be given. Website mynexuzhealth website This website is intended to be used by patients in order to consult their private data, their doctors & appointments and more. Login: see below. In order to be able to logon to the mynexuzhealth website and app, an ethical hacker will need to request one or more logon credentials via the platform. You can request this information via support (support@intigriti.be). The information they will receive is - A user ID of 8 numbers - A PIN code of 4 numbers - A QRCode

Humo

Up to €2,000

Humo brings high-profile cover stories and revealing interviews and files. And that with a characteristic approach: reliable information, a critical attitude and a sense of humor and self-relativity. The reader is treated every week on articles about television, society, sports, culture and pop, sharp columns and quirky discussions of TV programs, books, films and music.

Nestlé VDP

Responsible disclosure

In Nestlé we believe in the power of food to enhance quality of life for everyone, today and for generations to come. IT Security is a top priority for us, we are committed to work with security researchers across the globe to help protect our systems and our customers' data from malicious activity and to further improve cyber security across our organization.

KU Leuven - www.kuleuven.be

Responsible disclosure

KU Leuven has a very diverse web landscape. Keeping this environment and the data it contains as secure as possible is an ongoing effort. We would like to invite you to help us in this effort. We are happy to have your help to improve the security of our systems .

Sustainable

Floriday

Responsible disclosure

Floriday is the central place where commercial and logistics processes are handled. With Floriday, we are making the floriculture industry more accessible and more straightforward by providing a single open platform where growers, buyers, service providers and software providers can get together. We continuously work with all players in the sector on developing the platform. We use the latest techniques (API connections) to create the digital infrastructure for the industry together.

Kinepolis Group

Up to €5,000

Our website is a way to inform and inspire customers about the latest and brightest. It allows to: • Get up to date information about the movies and events we offer; • Choose your favorite movie theater, pick a date and time; • Buy tickets and enhance your experience by choosing for ‘cozy seat’ instead of our normal seats. Just in case you want to have a ‘cozy night’ with your significant other! Cry of laughter or maybe some scary movies are your favorite ones. Via a My Kinepolis account we target movies and unique promotions based on your preferences. While researching our website you can already explore our schedule and plan your next trip to one of our movie theaters. We are ready to be challenged!

Darwinex

Up to €3,000

Darwinex is a FinTech company helping traders develop their skills and build a verifiable track record, enabling sophisticated traders to trade the market and investors to back them. Our technology is bolted on to our exchange providing traders with regulatory cover to charge a 15% success fee. We aim to deliver the best possible execution conditions and provide access to over 300 financial assets, under our asset management licence, protecting traders' intellectual property and anonymity.

E-Gor

€50 ‐ €2,500

E-Gor is an interactive platform that manages everything related to your pension.

Apply to program

Application Required

DPG Media

Responsible disclosure

DPG Media is a leading media group in Flanders, Netherlands and Denmark that knows how to touch viewers, surfers, readers and listeners with impressive stories, lightning fast news and sparkling entertainment.

Tempo-Team

Responsible disclosure

Tempo-Team offers daily new and varied jobs for every level and field.

Sustainable

Suivo

Up to €2,000

The Suivo Web Platform provides access to Tracking data from vehicles equiped with Suivo hardware. The platform is built around 4 components: - Real-time Tracking data - Analytics based on historical Tracking data, both in a web view en generated reports - Communication: tasks and messages - Fleet management (Maintenance planning etc.)

De Morgen

Up to €2,000

De Morgen has a broad view of the news with attention to political current affairs, culture and media. The editors are critical, dig deeper and often make the news of the day under the motto more insight, more salmon. De Morgen is aiming for an open-minded audience that is looking for qualitative news coverage, background and interpretation of the news. The newspaper looks young and fresh and has won international prizes with its design.

BloomUp

Responsible disclosure

BloomUp grew as a response to COVID-19 as a platform that connects people in need of mental support with a mental health professional. By answering a few short questions, we match 3 of our professionals with the client and let them pick one. They can either set up a call immediately after if the professional is available or plan in a consult. The first 30 mins are free as an intake consult. When the client and professional have a click, they can schedule a follow-up and paying consult.

Speakap Responsible Disclosure

Responsible disclosure

Since 2010, Speakap has helped more than 400 companies across 120 countries, 42 languages, and many time zones, reach their full potential with more productive employees. With an award-winning, easy-to-use employee app, Speakap empowers company leaders to share the right content with the right people at the right time. Speakap boasts very high adoption rates with users logging in almost 6x a day for 50+ seconds per time.

itsme

Up to €5,000

Help us to get better at what we do: Privacy & Security of convenient online identity. We want to make the web a better place for every Belgian citizen or resident with a Belgian Mobile Subscription. Apart from internal practices to ensure that what we bring to the market is already developed and tested to be secure, we want to raise the bar for ourselves by asking you to help us track down vulnerabilities.

VTM GO

Up to €2,000

VTM GO offers a lot of strong Flemish and exclusive international series & films for free. From news and news to the most powerful fiction and reality shows.

PeopleCert VDP

Responsible disclosure

PeopleCert is the global leader in the assessment and certiﬁcation of professional and language skills, partnering with multi-national organisations and government bodies to develop and deliver market leading exams worldwide. This policy is intended to give security researchers clear guidelines for conducting vulnerability discovery activities.

Sustainable

PortXchange

Up to €3,750

At PortXchange we provide innovative digital solutions to support shipping companies and port communities worldwide to become more efficient and reduce carbon footprint. We were founded under the belief that collaboration, digitisation, and sustainability will shape the future of the shipping industry. PortXchange provides shipping companies, agents, terminal operators, captains and other service providers with a joint platform for the exchange of information relating to their port calls.

Apply to program

Application Required

VRT responsible disclosure

Responsible disclosure

Flemish Radio and Television Broadcasting Organization

GULP

Responsible disclosure

GULP is a leading personnel service provider in the areas of IT, engineering and finance.

InnoGames

€100 ‐ €4,000

InnoGames is Germany’s leading developer and publisher of mobile and online games. The company based in Hamburg and has a team of more than 400 employees.

Sixt

Responsible disclosure

With more than 6,900 employees worldwide, SIXT combines global car rental and local share solutions, ride hailing-services as well as car subscriptions in one of the world’s largest mobility platforms. With just one app – the SIXT App – we offer our customers digital access to more than 200,000 vehicles and around 1.5 million connected drivers in approximately 110 countries worldwide. Besides its own range of vehicles, SIXT also integrates services from more than 1,500 mobility partners.

Randstad

Responsible disclosure

Randstad is the global leader in the HR services industry. By combining our passion for people with the power of today’s intelligent machines, we support people and organizations in realizing their true potential.

BMC

Responsible disclosure

BMC is number one in connecting professionals

Yacht

Responsible disclosure

Yacht is number one in connecting professionals.

vidaXL

Up to €2,000

vidaXL is a rapidly growing international online retailer. Our success is based on our belief that things can always be better and cheaper: ‘Expect more’. Because nobody likes to pay too much for products. We are continually expanding our product range and offer the best products for the best price. We like to go the extra mile for our customers by improving popular products and making them even cheaper. https://corporate.vidaxl.com/about-us/

DataCamp

€25 ‐ €1,500

DataCamp’s mission is to democratize data skills for everyone. Companies and teams of every size use DataCamp to close their data skill gaps and make better data-driven decisions. Data science and analytics are rapidly shaping every aspect of our lives and our businesses. There is incredible power in data—but only if you know what to do with it. DataCamp teaches 1,600+ companies and 7 million individuals from 180+ countries the skills they need to work with data in the real world.

Apply to program

Application Required

Venly

€50 ‐ €5,000

Venly wallet (previously Arkane Network) is a multi-blockchain wallet provider that builds an open network between individuals, ecosystems and dapps. Venly Market is the first-ever peer-to-peer NFT marketplace on Polygon, Binance Smart Chain, Avalanche and Hedera. On Venly Market, users can trade NFTs in a fully compliant environment. Thanks to Venly Wallet, Market and NFT-tools, applications can tap into an entirely new revenue stream without having experience in blockchain engineering.

Access router

Up to €2,500

The access router is a router in the KU Leuven datacenter that ensures the connectivity between the KU Leuven network and its ISP. Suspected vulnerabilities in our access router that can be abused and can lead to: - Disruption of the proper operation of our equipment - Unauthorized access to, modification or deletion of configuration

Sustainable

eHealth Hub VZN KUL

Up to €2,000

The national project “eHealth Hubs & MetaHub” coordinated by the eHealth platform is meant to make medical results from hospitals (and in the near future medical laboratories) available to any caregiver who currently is treating the patient . For detailed information see https://www.ehealth.fgov.be/nl/zorgverleners/online-diensten/hubs-metahub and the URL in the next paragraph. This system supplements the traditional system of addressed ‘email type’ communication to individual referrers. Before medical data about a patient can be shared, that patient has to grant the ‘eHealth informed consent’ (see http://www.patientconsent.be ). Further, care providers declare a therapeutic relationship with the patient. Communication between the hubs and between external physicians and a hub is according to the KMEHR standard: https://www.ehealth.fgov.be/standards/kmehr/content/page/web-services The scope of this project is confined to the hub exploited by VZNKUL (Vlaams Ziekenhuis Netwerk KU Leuven) implementation of this hub system. The central metahub hub from the Belgian government, the other hubs, and the systems at other partners of this project are out of scope.

Delen Private Bank

€100 ‐ €15,000

Delen Private Bank is a family-based specialist in asset management, focused on wealth preservation, growth and careful planning. Our core values - entrepreneurship, personal service and long-term vision – inspire us to apply a proactive yet prudent investment philosophy. Honest, no-nonsense products and services help our clients to enjoy the good and beautiful things in life – both today and tomorrow.

Brussels Airlines

Up to €5,000

Safety is and has always been the first priority in the aviation world. Our IT solutions are no exception to this rule. We are therefore actively looking for experienced test pilots. Are you willing to take our application in hard turns, dives and looping in order to identify any possible vulnerability? Just put on your jacket, go through our safety checklist, turn on the engines and you are ready to fly! Our engineering team is eager to hear your debrief after landing, and will make sure to address any flaw you might have noticed. Please allow them a grace period before disclosing your findings, as in return they will make sure to provide you feedback on their progress. Have a good flight

OneSpan Trusted Identity Platform

Up to €3,000

OneSpan is a global leader in digital security with two-factor authentication, transaction data signing, document e-signature and identity management solutions designed for financial institutions and other enterprises. Trusted Identity Platform (TID) is OneSpan's cloud-based platform that delivers technologies related to user authentication, transaction authentication and identity management. In this project, we request researchers to validate the security of the web consoles and microservices.

T&C Required

EURid

Up to €6,000

EURid vzw is the registry operator of the .eu, .ею (Cyrillic script) and .ευ (Greek script) country code top-level domains (ccTLD) upon the appointment of the European Commission since 2003. As the registry operator, our biggest concern and priority is the stability and security of the .eu namespace. We also develop and maintain YADIFA since 2012, a lightweight authoritative Name Server with DNSSEC capabilities.

Sustainable

Sentiance

Up to €2,500

At sentiance we process enormous amounts of sentive data to provide our clients with rich insights & analytics used by them to optimize their business. All our products are built with security in mind and each feature has been carefully assessed to prevent security vulnerabilities to be introduced in our services. However, no security team is perfect and therefore we would like to call in the help of the bug bounty community to point out where we might have missed a bug. If you think you found a valid security vulnerability we would absolutely love to hear about it and award you if it's eligible per our policy.

Red Bull

Responsible disclosure

Red Bull appreciates the work of security researchers to make the internet a better - and more secure - place. Even though we aim to prevent security issues by applying state-of-the art development and operations processes, systems and technical services outside our direct control might have vulnerabilities and weaknesses and we aim to identify and address those before any negative impact occurs. As appreciation we have a unique reward system in place, please see FAQ for more information.

Sustainable

Submit your research - Fast lane

Responsible disclosure

Want to try a new technique or methodology on private bug bounty programs? Submit your research, get invited to private programs, and start collecting bounties.

Tweakers

Up to €2,000

Tweakers is a Dutch technology website featuring news and information about hardware, software and the Internet. We take security very serious as many of our users use our site as a trusted source. Therefore we have decided to collaborate with ethical hackers that can inform us about potential vulnerabilities in our systems. If you happen to find a vulnerability we'd be more than happy to hear about it and, if its impact is significant enough, award you a bounty as token of appreciation.

Monster Worldwide

Responsible disclosure

Monster is your source for jobs and career opportunities. Search for jobs, read career advice from Monster's job experts, and find hiring and recruiting advice.

Sustainable

Nexuzhealth Web PACS

Up to €1,000

This website is used to provide patient access to their radiology images (PACS). Patients logon with their date of birth, and a unique code provided to them by the physician. This code provides access to one study.

Intergamma

Up to €3,500

Intergamma is the biggest DIY retailer of The Netherlands and Belgium with three brands: GAMMA Nederland, GAMMA België, and KARWEI. We have almost 400 DIY stores and operate three eCommerce websites. Our strategy is to be the best omnichannel retailer of the Netherlands and Belgium. This means offline and online are converging, and eCommerce is a growth market. Therefore a secure platform is paramount. For more information on our organization please visit https://www.intergamma.nl/

Trouw

Up to €2,000

Trouw reaches thousands of people involved daily with in-depth journalism via print and online via the news site, news apps and digital newspaper

CM.com

€25 ‐ €2,500

CM.com is a listed company that provides Conversational Commerce services from its privately owned cloud platform with 100% in-house developed software. We continuously develop our private cloud platform, shaping the future of Conversational Commerce. CM.com’s customer base is spread over 118 countries, generating messages to more than 220 destinations. Customers include Tier 1 enterprises, government agencies, as well as small and medium sized enterprises.

Vlerick Business School

Responsible disclosure

Vlerick Business School is an international business school at the heart of Europe. We offer fully-accredited, world class education programs combining a healthy mix of theoretical knowledge and practical insight.

Sustainable

Royal FloraHolland

Responsible disclosure

Royal FloraHolland, is a Dutch cooperative of growers. It is one of the largest auction companies in the world and the largest flower auction company in the world. Floriculture is the third biggest export product of the Netherlands and Royal FloraHolland facilitates over 90% of this! In order to facilitate this in a safely manner, Royal FloraHolland strives to constantly improve it's security. This vulnerability disclosure program is therefor of great importance for Royal FloraHolland.

iBOOD.com

Up to €2,000

iBOOD looks forward to working with the security community to find security vulnerabilities in order to keep our business and customers safe. A security vulnerability is a weakness in a product, service or system that could allow an attacker to compromise the integrity, availability, or confidentiality of that product, service or system. Thank you in advance for your contribution!

X-Road

€50 ‐ €5,000

X-Road® is open-source software and ecosystem solution that provides unified and secure data exchange between organisations. The basic idea of X-Road is that members of an ecosystem exchange data through access points (Security Servers) that implement the same technical specifications. X-Road is a digital public good verified by the Digital Public Goods Alliance, and it is released under the MIT open source license and is available free of charge.