Bug Bounty Programs

Welcome to the Dropbox Bug Bounty program — where your curiosity helps keep millions of users safe. At Dropbox, we take security seriously, and we know the best defenses are built with input from the wider security community. Whether you're diving into our apps, APIs, or backend systems, your expertise plays a critical role in protecting the data people trust us with every day. We reward creativity, precision, and clear reporting — and we’re here to support you along the way. Be sure to check out our scope, rules, and submission guidelines before getting started. Let’s work together to make Dropbox even more secure — one bug at a time.

Delen Private Bank is a family-based specialist in asset management, focused on wealth preservation, growth and careful planning. Our core values - entrepreneurship, personal service and long-term vision – inspire us to apply a proactive yet prudent investment philosophy. Honest, no-nonsense products and services help our clients to enjoy the good and beautiful things in life – both today and tomorrow.

Zen by Aikido is an embedded security engine for autonomously protecting applications against common web attacks, like shell injection and SQL injection. We do so by hooking into sinks, validating them together with the incoming user input and in case the request is malicious, we block the request. It's similar to a traditional WAF, but with the full context of the called code and the user's input.

Every day, billions of people come into contact with Bühler technologies to meet their basic needs for food, mobility, and more. Our technologies are in your smartphone, solar panels, diapers, lipstick, banknotes, the food you eat, and the vehicles you drive. We strive to innovate for a better world, with a special focus on healthy, safe, and sustainable solutions. Learn more about Bühler at www.buhlergroup.com.

Democratizing America’s financial system. Invest in stocks, ETFs, options, and cryptocurrencies commission-free. Disclosure: https://robinhood.com/legal

The Suivo Web Platform provides access to Tracking data from vehicles equiped with Suivo hardware. The platform is built around 4 components: - Real-time Tracking data - Analytics based on historical Tracking data, both in a web view en generated reports - Communication: tasks and messages - Fleet management (Maintenance planning etc.)

DataCamp’s mission is to democratize data skills for everyone. Companies and teams of every size use DataCamp to close their data skill gaps and make better data-driven decisions. Data science and analytics are rapidly shaping every aspect of our lives and our businesses. There is incredible power in data—but only if you know what to do with it. DataCamp teaches 1,600+ companies and 7 million individuals from 180+ countries the skills they need to work with data in the real world.

Creators of hit computer game franchises Bloons, Bloons TD and SAS: Zombie Assault for mobile and web. We have offices in Auckland, New Zealand and Dundee, Scotland. We are excited to engage with the security community to help us keep our users safe and our services secure. This is our second Bug Bounty program after a successful campaign in 2021.

Intergamma is the biggest DIY retailer of The Netherlands and Belgium with three brands: GAMMA Nederland, GAMMA België, and KARWEI. We have almost 400 DIY stores and operate three eCommerce websites. Our strategy is to be the best omnichannel retailer of the Netherlands and Belgium. This means offline and online are converging, and eCommerce is a growth market. Therefore a secure platform is paramount. For more information on our organization please visit https://www.intergamma.nl/

Torfs - the well-known shoe retailer in Belgium - is still a 100% family business today. This family character guarantees a number of important values within the company where employees are central. A head office in Sint-Niklaas and a spectacular distribution center in Temse offer support to the points of sale and customers of the E-Commerce website. With more than 80 stores in Flanders, 2 shops in the French part of Belgium and a growing online shop in Belgium, The Netherlands and several marketplaces, Torfs wants to be and remain the most customer-friendly optichannel shoe store chain.

CM.com is a listed company that provides Conversational Commerce services from its hybrid cloud platform with in-house developed software. CM.com’s customer base is spread over 118 countries, generating messages to more than 220 destinations. Customers include Tier 1 enterprises, government agencies, as well as small and medium sized enterprises. We offer API's for most of our products. You may find the documentation here: https://developers.cm.com

Venly is a blockchain technology company providing developer-friendly solutions to help businesses seamlessly integrate Web3 capabilities into their applications. Our mission is to make blockchain accessible for everyone by offering secure, scalable, and easy-to-use tools for developers, enterprises, and end users. With a strong focus on user experience, security, and innovation, Venly delivers a suite of blockchain infrastructure solutions, including: * Venly Wallet – A secure, multi-chain digital wallet solution with a user-friendly UI and developer API for seamless blockchain asset management. * Venly NFT Tools – A complete NFT suite enabling brands and game developers to integrate digital collectibles effortlessly. * Venly Onboarding Solutions – Secure authentication and blockchain identity solutions that simplify Web3 adoption. Venly’s enterprise-grade security and compliance standards ensure businesses can safely leverage blockchain technology while maintaining top-level security and regulatory alignment. Our tools are trusted by global brands, gaming studios, and financial institutions to power next-generation decentralized applications. This program focuses primarily on Venly Wallet UI and Wallet API, which provide secure and accessible blockchain wallet solutions for businesses and users worldwide.

The application that coordinates the sending of the traffic fines document to the citizens and the reconciliation of the payments.

Capital.com, voted ‘Most Innovative Tech 2021’ by TradingView is a multi-award winning global investment trading platform authorised and regulated by the UK’s Financial Conduct Authority, the Cyprus Securities and Exchange Commission, and the Australian Securities and Investments Commission. Recognised for its quality 24/7 customer support, seamless trading experience and competitive fees, Capital.com is a fast-emerging leader in the European leveraged trading industry.

AS National Media & Tech (NMT) is a subsidiary of Axel Springer SE, a leading international media company. We develop and operate digital products for Germany’s top news brands, reaching over 50 million users each month. At Axel Springer, we stand for free journalism and unrestricted access to information, allowing people to make free decisions. To protect this, the security of our platforms and users is our top priority. Your contributions help us keep them safe.

UZ Leuven is a university hospital where patients can count on specialised care and innovative treatments, combined with humane attention and respect for every person. Every day, almost 10,000 passionate employees provide the best possible custom-made care. Future care providers and employees receive high-quality training in UZ Leuven, with a view lifelong learning and innovation. As a pioneer in clinical research, the hospital also contributes to future patient care.

Welcome to the Monzo public bug bounty program! 🚀 At Monzo we aim to create a banking service that makes our customers financial lives better and easier. Our mantra is “make money work for everyone” and we mean it! 👍 We have created several apps to provide intuitive, helpful, and enjoyable experiences across our range of products 💖. We won’t sacrifice security though! So if you find a security bug in one of our apps or services, this is the place to report it! Happy hunting!

Say unlocks the power of investor communications by working with broker-dealers to connect shareholders with the public companies they invest in.

At PDQ our mission is to make device management simple, secure, and pretty damn quick. We know how important the security of our products is. We're a bunch of former sysadmins ourselves. Every decision we make revolves around ensuring our products are safe to use for managing your devices, which is why we have a bug bounty program. It’s a true win-win: We improve the security of our products, and you reap the rewards.

Soundtrack Your Brand offers music streaming services for businesses. We serve small customers like the café around the corner or larger brands like McDonald’s. Through our service customers have total control over the music and can manage locations across the world. We provide a wide variety of playback options, from mobile apps to custom hardware, that our customers use to play music at their venues. They manage their account, music and locations via our web app.

SimScale is a browser-based, online engineering simulation platform that provides powerful modeling and simulation capabilities. With in-browser 3D visualization, scalable on-demand computing capacity, the SimScale platform enables a new way of using simulation technology. SimScale integrates a broad variety of simulation software tools for structural mechanics, fluid dynamics, and thermodynamics. The SimScale team and our partners are constantly expanding the features of the platform.

An open source, off-grid, decentralized, mesh network built to run on affordable, low-power devices Hey Hackers! If you met us at DEF CON thank you for your interest in this program. This program can be used to disclose any vulnerabilities found on the devices handed out during the Con.

We are happy to relaunch our public VDP program! We've done our best to clean up our issues and now would like to request your help to spot the ones we missed! We start with just a few domains and want to continously increase our scope at regular intervals. So keep checking this page from time to time to see if there is anything new to find. ⚠️ Only submissions that follow the Rules of Engagement (e.g., using an intigriti.me email) and are not Out of Scope will be considered valid. Actions like mail bombing, denial of service, changing/removing data or parameters, or interfering with asset functionality are strictly forbidden and not protected by the safe harbor clause. Always aim to prevent harm, review all relevant sections before starting and follow the rules of engagment. Arbonia is one of the world's leading interior brands for doors, showers, and dividing systems made from wood, glass and metal. The company, which is listed on the SIX Swiss Exchange, is active as a leading supplier in Western, Central, and Eastern Europe with its own distribution companies. Its main production sites are located in Switzerland, Germany, Poland, Spain, Czech Republic, Portugal, and France. A total of around 3'700 employees work for the Arbonia.

We provide a platform for: - Businesses to sell products (like food, clothing and even electronics). - Customers to purchase such products and get them delivered by Wolt couriers. - Wolt couriers to receive and manage delivery requests. We have more than 30 million registered users and we operate in 20+ countries. Read more about us: https://wolt.com/en/about.