Bug Bounty Programs

Below is a list of public bug bounty programs. Through a bug bounty program, companies can tap into a global network of ethical hackers who continuously test a wide range of digital assets within the defined scope.

Bug bounty programs reward ethical hackers with financial incentives when valid vulnerabilities are discovered.

Industry

Program type

Sort by

Search

Personio

Personio

Business and Professional Services

Personio is Europe's leading HR Software for SMEs - your one-stop HR solution with automated processes, seamless integrations, and data-driven insights. Our Security Team knows that a solid Bounty Program helps build customer trust in our platform. So we are looking forward to working with you to help hold our platform up to the highest of standards.

Bug bounty program

€50 – €5,000

SimScale

SimScale

Manufacturing Consumer

SimScale is a browser-based, online engineering simulation platform that provides powerful modeling and simulation capabilities. With in-browser 3D visualization, scalable on-demand computing capacity, the SimScale platform enables a new way of using simulation technology. SimScale integrates a broad variety of simulation software tools for structural mechanics, fluid dynamics, and thermodynamics. The SimScale team and our partners are constantly expanding the features of the platform.

Bug bounty program

€250 – €6,000

Monzo Public Bug Bounty Program

Monzo Public Bug Bounty Program

Financial Services and Insurance

Welcome to the Monzo public bug bounty program! 🚀 At Monzo we aim to create a banking service that makes our customers financial lives better and easier. Our mantra is “make money work for everyone” and we mean it! 👍 We have created several apps to provide intuitive, helpful, and enjoyable experiences across our range of products 💖. We won’t sacrifice security though! So if you find a security bug in one of our apps or services, this is the place to report it! Happy hunting!

Bug bounty program

£125 – £12,500

Grafana Labs

Grafana Labs

Software

Grafana Labs is the company behind Grafana, Loki, Mimir and Tempo, the leading open source software for visualizing operational data. We are thrilled to invite you to participate in our bug bounty program in partnership with Grafana Labs' security team. Before beginning your research, we kindly request that you carefully review this program's scope. This will ensure that your efforts align with our objectives and that you receive proper compensation for any findings that meet the program's criteria. Happy hacking!

Bug bounty program

$10 – $15,000

Soundtrack Your Brand

Soundtrack Your Brand

Media and Entertainment

Soundtrack Your Brand offers music streaming services for businesses. We serve small customers like the cafĂ© around the corner or larger brands like McDonald’s. Through our service customers have total control over the music and can manage locations across the world. We provide a wide variety of playback options, from mobile apps to custom hardware, that our customers use to play music at their venues. They manage their account, music and locations via our web app.

Bug bounty program

€50 – €3,500

Axel Springer National Media & Tech

Axel Springer National Media & Tech

Media and Entertainment

AS National Media & Tech (NMT) is a subsidiary of Axel Springer SE, a leading international media company. We develop and operate digital products for Germany’s top news brands, reaching over 50 million users each month. At Axel Springer, we stand for free journalism and unrestricted access to information, allowing people to make free decisions. To protect this, the security of our platforms and users is our top priority. Your contributions help us keep them safe.

Bug bounty program

€15 – €2,500

TrueLayer

TrueLayer

Financial Services and Insurance

TrueLayer is opening up finance and changing the way the world pays. Empowering businesses in every industry to create first-class financial experiences for their customers. We build on top of the Open Banking and PSD2 standards to provide APIs for our customers to use to provide financial data and payment initiation services.

Bug bounty program

€75 – €6,000

PDQ bug bounty program

PDQ bug bounty program

Software

At PDQ our mission is to make device management simple, secure, and pretty damn quick. We know how important the security of our products is. We're a bunch of former sysadmins ourselves. Every decision we make revolves around ensuring our products are safe to use for managing your devices, which is why we have a bug bounty program. It’s a true win-win: We improve the security of our products, and you reap the rewards.

Bug bounty program

€50 – €3,500

Veriff Bug Bounty

Veriff Bug Bounty

Software

At Veriff we are passionate about creating a safer environment online. Our mission is to bring transparency to the digital world. We take the security of our systems seriously, and we value the security community. The disclosure of security vulnerabilities helps us ensure the security and privacy of our users. We ask all researchers to follow the guidelines provided.

Bug bounty program

€5 – €6,000

Say Technologies Bug Bounty Program

Say Technologies Bug Bounty Program

Financial Services and Insurance

Say unlocks the power of investor communications by working with broker-dealers to connect shareholders with the public companies they invest in.

Bug bounty program

Up to $10,000

Voi Scooters

Voi Scooters

Leisure and Hospitality

Voi is europe's biggest micro-mobility operator based in Stockholm, Sweden. We manage a system of electrically powered scooters and bikes around urban centers. We provide an affordable, sustainable, and exhilarating way to commute while helping people to reduce their carbon footprint and cities to have a more sustainable transportation network. We are excited to work with and reward the community of security researchers to continuously improve our security position.

Bug bounty program

Up to €3,500

Newpharma

Newpharma

Retail

Newpharma is the largest online pharmacy in Belgium. It was the first to dispense medicines over the internet without a prescription in Belgium. Newpharma also offers you a broad range of drugstore products: cosmetics, natural and well-being products and specialist products for babies, children or the elderly at low prices throughout the year. Important note: Please limit your automated tools to 1 request/sec. DDoS or brute force attacks are strictly forbidden!

Bug bounty program

T&C Required

Application Required

€50 – €5,000

Capital.com

Capital.com

Financial Services and Insurance

Capital.com, voted ‘Most Innovative Tech 2021’ by TradingView is a multi-award winning global investment trading platform authorised and regulated by the UK’s Financial Conduct Authority, the Cyprus Securities and Exchange Commission, and the Australian Securities and Investments Commission. Recognised for its quality 24/7 customer support, seamless trading experience and competitive fees, Capital.com is a fast-emerging leader in the European leveraged trading industry.

Bug bounty program

Up to €15,000

DigitalOcean

DigitalOcean

Software

DigitalOcean, LLC. is an American multinational technology company and cloud service provider. DigitalOcean simplifies cloud computing so developers and businesses can spend more time building software that changes the world.

Bug bounty program

$50 – $10,000

CM.com

CM.com

Telecommunications

CM.com is a listed company that provides Conversational Commerce services from its hybrid cloud platform with in-house developed software. CM.com’s customer base is spread over 118 countries, generating messages to more than 220 destinations. Customers include Tier 1 enterprises, government agencies, as well as small and medium sized enterprises. We offer API's for most of our products. You may find the documentation here: https://developers.cm.com

Bug bounty program

€25 – €3,500

intigriti

intigriti

Software

At intigriti, we practice what we preach. We’ve built the platform with the greatest care and attention for security, but all software contains bugs and we are no exception to this rule. We encourage you to responsibly disclose any security vulnerabilities you may encounter and we will reward you accordingly.

Sustainable

Bug bounty program

€50 – €13,337

Arbonia VDP program

Arbonia VDP program

Construction

We are happy to relaunch our public VDP program! We've done our best to clean up our issues and now would like to request your help to spot the ones we missed! We start with just a few domains and want to continously increase our scope at regular intervals. So keep checking this page from time to time to see if there is anything new to find. ⚠ Only submissions that follow the Rules of Engagement (e.g., using an intigriti.me email) and are not Out of Scope will be considered valid. Actions like mail bombing, denial of service, changing/removing data or parameters, or interfering with asset functionality are strictly forbidden and not protected by the safe harbor clause. Always aim to prevent harm, review all relevant sections before starting and follow the rules of engagment. Arbonia is one of the world's leading interior brands for doors, showers, and dividing systems made from wood, glass and metal. The company, which is listed on the SIX Swiss Exchange, is active as a leading supplier in Western, Central, and Eastern Europe with its own distribution companies. Its main production sites are located in Switzerland, Germany, Poland, Spain, Czech Republic, Portugal, and France. A total of around 3'700 employees work for the Arbonia.

Responsible disclosure

Ubisoft VDP

Ubisoft VDP

Media and Entertainment

Ubisoft is a leading video game company, the creators of original and immersive worlds like Assassin's Creed, Far Cry, The Crew, Rainbow Six and Watch Dogs. We welcome the reporting of security vulnerabilities that would help us protect our players and assets.

Responsible disclosure

Cross Border Fines

Cross Border Fines

Financial Services and Insurance

The application that coordinates the sending of the traffic fines document to the citizens and the reconciliation of the payments.

Bug bounty program

€100 – €3,000

Webnode

Webnode

Media and Entertainment

Webnode is an amazingly simple website builder. Launched in 2008, it has already helped over 50 million users create their own websites. Webnode has recently been acquired by the number one hosting company in Europe and therefore the product will be used and implemented throughout different brands in Europe.

Bug bounty program

2FA Required

Application Required

€100 – €1,750

Yahoo Bug Bounty

Yahoo Bug Bounty

Manufacturing Consumer

Welcome to Yahoo Yahoo is a global media and advertising company connecting people to their passions. With one of the largest online audiences in the world, Yahoo brings people closer to what they love — from finance and commerce, to gaming and news — with the trusted products, content, and tech that fuel their day. For partners, we provide a full-stack platform to amplify businesses and drive more meaningful connections across advertising, search, and media.

Bug bounty program

$100 – $15,000

Arm

Arm

Manufacturing Consumer

Arm is committed to security and welcomes feedback from researchers and the security community to improve its products and services. The Arm Bug Bounty Program represents a partnership between Arm and the research community. At Arm, we value collaboration with security researchers as a critical step toward enhancing the security of our products. We encourage researchers to work with us to identify, mitigate, and responsibly disclose potential security vulnerabilities. We look forward to collaborating with you! This program currently welcomes reports of vulnerabilities in certain versions of: - Firmware: Mali Command Stream Frontend (CSF) Firmware 'CSFFW' - Software: Mali GPU Kernel Driver (Kbase) By submitting your report, you agree to the terms of the Arm Bug Bounty Program. Arm reserves the right to alter the terms and conditions of this program at any time and its sole discretion.

Bug bounty program

Up to $15,000

Skoda Auto Bug Bounty Program

Skoda Auto Bug Bounty Program

Manufacturing Consumer

This Bug Bounty program is an official and first program run by Ć koda Auto a.s. It is focused on the newest version of MyĆ koda mobile application available for iOS and Android. We appreciate the possibility to work with you either remotely or by joining us at the factory and testing the app within our cars! In advance, we thank you for your time and invite you to step into the era of a proactive approach to cyber security together! Ć koda Auto a.s.

Bug bounty program

€200 – €5,000

Tomorrowland

Tomorrowland

Leisure and Hospitality

Tomorrowland is one of the most-loved and best-known music festivals on the planet. Because of this Tomorrowland usually sells out in minutes and manages a large fanbase. Tomorrowland also innovates by providing its visitors cashless onsite payments and a wide range of online services. This has increased Tomorrowland's digital footprint. We value all help we can get securing this digital footprint.

Bug bounty program

Up to €2,500