Bug Bounty Programs

Below is a list of public bug bounty programs. Through a bug bounty program, companies can tap into a global network of ethical hackers who continuously test a wide range of digital assets within the defined scope.

Bug bounty programs reward ethical hackers with financial incentives when valid vulnerabilities are discovered.

Industry

Program type

Sort by

Search

AMD Product Security Bug Bounty Program

AMD Product Security Bug Bounty Program

Manufacturing Consumer

Advanced Micro Devices, Inc., commonly abbreviated as AMD, is an American multinational semiconductor company based in Santa Clara, California, that develops computer processors and related technologies for business and consumer markets.

Bug bounty program

$500 – $30,000

Social Deal

Social Deal

Leisure and Hospitality

Thank you for visiting our program, we are happy with ethical hackers who want to look have a into our security with an objective view. Social Deal is an online platform for consumers to buy the best deals in their region. With these deals they can discover restaurants/hotels/beauty/zoo and many other retailers for the best price. Social Deal is active in Netherlands, Belgium and Germany. Our customers trust our brand. We want to be sure the data is protected to keep our brand value high.

Bug bounty program

€25 – €750

Bühler Group VDP

Bühler Group VDP

Manufacturing Industrial

Every day, billions of people come into contact with Bühler technologies to meet their basic needs for food, mobility, and more. Our technologies are in your smartphone, solar panels, diapers, lipstick, banknotes, the food you eat, and the vehicles you drive. We strive to innovate for a better world, with a special focus on healthy, safe, and sustainable solutions. Learn more about Bühler at www.buhlergroup.com.

Responsible disclosure

WP Engine VDP

WP Engine VDP

Media and Entertainment

WP Engine invites you to test the WP Engine and Flywheel Digital Experience Platforms. WP Engine equips its customers with a suite of agility, performance, intelligence, and integration solutions, so you can build and deploy a range of online experiences from campaign sites to content hubs to e-commerce extensions. Good luck and happy hunting!

Responsible disclosure

Rivian Bug Bounty

Rivian Bug Bounty

Manufacturing Consumer

Rivian exists to create products and services that help our planet transition to carbon neutral energy and transportation. Rivian designs, develops, and manufactures category-defining electric vehicles and accessories and sells them directly to customers in the consumer and commercial markets. Rivian complements its vehicles with a full suite of proprietary, value-added services that address the entire lifecycle of the vehicle and deepen its customer relationships.

Bug bounty program

$100 – $5,000

Zabka Group Vulnerability Disclosure Program

Zabka Group Vulnerability Disclosure Program

Retail

Żabka Group is the ultimate convenience ecosystem that aims to make people’s lives easier. We accompany consumers at every moment of the day, freeing up their time through the possibility of convenient grocery shopping, have a hot meal on the go, send a package, withdraw cash or take advantage of a dietary catering with delivery. We are aware, that despite our greatest efforts, our knowledge may not be sufficent to keep us safe. Therefore we started our vulnerability disclosure program because we believe that working closely with skilled security researchers is beneficial to for all parties.

Responsible disclosure

Vlerick Business School

Vlerick Business School

Education

Vlerick Business School is an international business school at the heart of Europe. We offer fully-accredited, world class education programs combining a healthy mix of theoretical knowledge and practical insight.

Responsible disclosure

Trouw

Trouw

Media and Entertainment

Trouw reaches thousands of people involved daily with in-depth journalism via print and online via the news site, news apps and digital newspaper

Bug bounty program

€25 – €2,200

Driessen Vulnerability Disclosure Program

Driessen Vulnerability Disclosure Program

Business and Professional Services

Driessen is a staffing agency for government, education and other vital sectors. We have been working exclusively for vital sectors for 30 years, making us one of the largest staffing agencies in the Netherlands. On our platform users can manage their jobs and employees (for employers). For example: candidates can find jobs and apply; employees can see payslips and send in declarations; employers can open a new job with a new vacancy or a payroll request.

Responsible disclosure

Tweakers

Tweakers

Media and Entertainment

Tweakers is a Dutch technology website featuring news and information about hardware, software and the Internet. We take security very serious as many of our users use our site as a trusted source. Therefore we have decided to collaborate with ethical hackers that can inform us about potential vulnerabilities in our systems. If you happen to find a vulnerability we'd be more than happy to hear about it and, if its impact is significant enough, award you a bounty as token of appreciation.

Bug bounty program

€50 – €2,200

Submit your research - Fast lane

Submit your research - Fast lane

Want to try a new technique or methodology on private bug bounty programs? Submit your research, get invited to private programs, and start collecting bounties.

Sustainable

Responsible disclosure

2FA Required

EURid

EURid

Public Services

EURid vzw is the registry operator of the .eu, .ею (Cyrillic script) and .ευ (Greek script) country code top-level domains (ccTLD) upon the appointment of the European Commission since 2003. As the registry operator, our biggest concern and priority is the stability and security of the .eu namespace. We also develop and maintain YADIFA since 2012, a lightweight authoritative Name Server with DNSSEC capabilities.

Bug bounty program

Up to €6,000

9altitudes - Vulnerability Disclosure Program

9altitudes - Vulnerability Disclosure Program

Software

The 9altitudes Vulnerability Disclosure Program (VDP) program to review no-bounty assets. 9altitudes is a European player with the main office in Belgium providing digital transformation for our customers focused on 3 main industry clusters – manufacturing, services, and wholesale & distribution. As a Microsoft Gold partner, we are mostly Microsoft-oriented with some own-IP and are an ever-expending organization by way of merge & acquisition.

Responsible disclosure

eHealth Hub VZN KUL

eHealth Hub VZN KUL

Hospitals and Healthcare

The national project “eHealth Hubs & MetaHub” coordinated by the eHealth platform is meant to make medical results from hospitals (and in the near future medical laboratories) available to any caregiver who currently is treating the patient . For detailed information see https://www.ehealth.fgov.be/nl/zorgverleners/online-diensten/hubs-metahub and the URL in the next paragraph. This system supplements the traditional system of addressed ‘email type’ communication to individual referrers. Before medical data about a patient can be shared, that patient has to grant the ‘eHealth informed consent’ (see http://www.patientconsent.be ). Further, care providers declare a therapeutic relationship with the patient. Communication between the hubs and between external physicians and a hub is according to the KMEHR standard: https://www.ehealth.fgov.be/standards/kmehr/content/page/web-services The scope of this project is confined to the hub exploited by VZNKUL (Vlaams Ziekenhuis Netwerk KU Leuven) implementation of this hub system. The central metahub hub from the Belgian government, the other hubs, and the systems at other partners of this project are out of scope.

Sustainable

Bug bounty program

Up to €2,000

House of HR Vulnerability Disclosure Program

House of HR Vulnerability Disclosure Program

Business and Professional Services

House of HR is a leading HR services group active all over Europe. Our entrepreneurial spirit drives us to provide specialized solutions in two key segments: Specialized Talent Solutions and Engineering & Consulting. Our decentralized model empowers rapid decision-making across our Powerhouses. If you find a security bug in one of our apps, this is the place to report it! Happy hunting! 🏹

Responsible disclosure

Axel Springer SE Vulnerability Disclosure Program

Axel Springer SE Vulnerability Disclosure Program

Media and Entertainment

Axel Springer SE, headquartered in Berlin, is a leading digital publisher known for its wide range of news outlets, magazines, and classifieds. Embracing digital innovation and transformation, the company prioritizes data protection and system integrity. To bolster its digital ecosystem's security, Axel Springer runs a vulnerability disclosure bug bounty program, encouraging cybersecurity experts to find and report vulnerabilities in its digital environment.

Responsible disclosure

Yacht

Yacht

Business and Professional Services

Yacht is number one in connecting professionals.

Responsible disclosure

BMC

BMC

Business and Professional Services

BMC is number one in connecting professionals

Responsible disclosure

Randstad

Randstad

Business and Professional Services

Randstad is the global leader in the HR services industry. By combining our passion for people with the power of today’s intelligent machines, we support people and organizations in realizing their true potential.

Responsible disclosure

Sixt

Sixt

Transportation and Logistics

With more than 6,900 employees worldwide, SIXT combines global car rental and local share solutions, ride hailing-services as well as car subscriptions in one of the world’s largest mobility platforms. With just one app – the SIXT App – we offer our customers digital access to more than 200,000 vehicles and around 1.5 million connected drivers in approximately 110 countries worldwide. Besides its own range of vehicles, SIXT also integrates services from more than 1,500 mobility partners.

Responsible disclosure

Cloudways by DigitalOcean

Cloudways by DigitalOcean

Software

Cloudways by DigitalOcean is a managed web hosting platform that specialises in providing an easy-to-manage environment for web applications.

Bug bounty program

$50 – $4,000

Housing Application (huisvestingsapp) Bug Bounty Program

Housing Application (huisvestingsapp) Bug Bounty Program

Education

At KU Leuven, we are committed to ensuring the integrity of our Housing Application Program. This program allows both new and returning students to apply for a room in KU Leuven Central Services Residences, helping them find the right accommodation. As with all our platforms, we recognize that vulnerabilities can exist, and we encourage researchers to report any security issues they may discover within this application. If you identify a vulnerability while using the application, please follow our disclosure guidelines to report it safely and responsibly. Your contributions help us maintain a secure and seamless experience for all students!

Bug bounty program

Up to €2,000

Universitätsspital Zürich VDP

Universitätsspital Zürich VDP

Hospitals and Healthcare

VULNERABILITY DISCLOSURE PROGRAM (VDP) Above all else, University Hospital Zurich is committed to the care and improvement of human life. Part of that mission is to protect our patients, people, systems, and facilities. We want encourage security researchers to feel comfortable reporting vulnerabilities they’ve discovered to us in good faith.

Responsible disclosure

PeopleCert VDP

PeopleCert VDP

Education

PeopleCert is the global leader in the assessment and certification of professional and language skills, partnering with multi-national organisations and government bodies to develop and deliver market leading exams worldwide. This policy is intended to give security researchers clear guidelines for conducting vulnerability discovery activities.

Responsible disclosure