Responsible Disclosure List
 Share
The version of the browser you are using is no longer supported. Please upgrade to a supported browser.Dismiss

 
View only
 
 
ABCDEFGHIJKLMNOPQRSTUV
1
Vendor NameHomepagePreferred MethodPrimary ContactAlt Contact(s)PGP?Bounty Program?Bug Bounty InfoMisc Info.
2
Adobehttps://www.adobe.com/Web Formhttp://www.adobe.com/misc/securityform.htmlNo
3
Airbnbhttps://www.airbnb.com/Emailsecurity@airbnb.comNohttps://www.airbnb.com/help/policies/responsible_disclosure
4
Akamaihttp://www.akamai.com/???security@akamai.comhttp://www.akamai.com/dl/akamai/Akamai_Security_General.pubNo
5
Amazon.comhttp://www.amazon.com/Emailsecurity@amazon.comaws-security@amazon.comAWS: https://aws.amazon.com/security/aws-pgp-public-key/Nohttps://aws.amazon.com/security/vulnerability-reporting/
6
Applehttp://www.apple.com/Emailproduct-security@apple.comhttps://ssl.apple.com/support/security/pgp/Nohttps://support.apple.com/kb/HT1318
7
AT&Thttp://www.att.com/Emailsecure@att.comYeshttp://developer.att.com/developer/apiDetailPage.jsp?passedItemId=10700235http://www.att.com/gen/general?pid=19318
8
Avasthttp://www.avast.com/Emailbugs@avast.comhttp://virfile.avast.com/viruslab/avast-bugs-pgp-key.txtYeshttp://www.avast.com/bug-bounty
9
Barracudahttps://www.barracuda.com/EmailBugBounty@barracuda.comhttp://barracudalabs.com/bugbountypgp.txtYeshttp://barracudalabs.com/?page_id=3456
10
Boxhttps://www.box.com/Web Formhttps://www.box.com/about-us/security/security-reports@box.comhttps://www.box.com/about-us/security/No
11
BrainTreehttps://www.braintreepayments.comEmailsecurity@braintreepayments.comhttps://www.braintreepayments.com/assets-737616ee5a/assets/misc/security.ascNohttps://www.braintreepayments.com/developers/disclosure
12
CCP Gameshttp://www.ccpgames.com/Emailsecurity@ccpgames.comNohttp://community.eveonline.com/news/dev-blogs/2384
13
Cisco Systemshttp://www.cisco.com/Emailpsirt@cisco.com1.877.228.7302 (U.S.)
1.408.525.6532 (outside U.S.)
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x7FC16D3ANohttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
14
Coinbasehttps://coinbase.com/Emailwhitehat@coinbase.comYeshttps://coinbase.com/whitehat
15
CryptoCathttps://crypto.cat/Bug Reporthttps://github.com/cryptocat/cryptocat/issues/nadim@crypto.catYeshttps://crypto.cat/bughunt/
16
Dropboxhttps://www.dropbox.com/Emailsecurity@dropbox.comNohttps://www.dropbox.com/special_thanks
17
Ebayhttp://www.ebay.com/Web Formhttp://ebay.com/securitycenter/Researchers.htmlNohttp://ebay.com/securitycenter/ResearchersAcknowledgement.html
18
EngineYardhttps://www.engineyard.com/Emailsecurity@engineyard.comhttps://www.engineyard.com/engineyard-security.pubNohttps://www.engineyard.com/legal/responsible-disclosure-policy
19
Etsyhttps://www.etsy.com/Emailsecurity-reports@etsy.comYeshttp://www.etsy.com/help/article/2463
20
Evernotehttps://evernote.com/security/report-issue/Emailsecurity@evernote.comhttps://evernote.com/security/publickey.txtNo
21
Facebookhttps://www.facebook.com/Web Formhttps://www.facebook.com/whitehat/report/Yeshttps://www.facebook.com/whitehat/
22
Fluxiomhttp://www.fluxiom.com/Emailsecurity@fluxiom.com1.707.703.5936Nohttps://secure.fluxiom.com/security
23
Future Simplehttps://getbase.com/Emailsecurity@futuresimple.comNohttps://getbase.com/security/
24
General Electrichttp://www.ge.com/Emailsecurity@ge.comhttp://www.ge.com/sites/default/files/PSIRT_GE.ascNohttp://www.ge.com/security/
25
Githubhttps://github.com/Emailsecurity@github.comNoNohttps://help.github.com/articles/responsible-disclosure-of-security-vulnerabilities
26
Gliph Securityhttps://gli.ph/Emailsecurity@gli.phNo
27
Googlehttps://encrypted.google.com/Emailsecurity@google.comsecurity@motorola.com, security@android.comhttps://services.google.com/corporate/publickey.txtYeshttp://www.google.com/about/appsecurity/reward-program/
28
GroupOnhttp://www.groupon.com/Emailsecurity@groupon.comNo
29
Herokuhttps://www.heroku.com/Emailsecurity@heroku.comhttps://help.heroku.com/tickets/new?query=security+policy+pageNohttps://policy.heroku.com/security
30
HTChttp://www.htc.com/Emailsecurity@htc.comNohttp://www.htc.com/us/terms/product-security/
31
Huaweihttp://www.huawei.com/Emailpsirt@huawei.comhttp://www.huawei.com/ucmf/groups/public/documents/attachments/hw_196691.ascNohttp://www.huawei.com/en/security/psirt/report-vulnerabilities/index.htm
32
Ifixithttp://www.ifixit.com/Emailsecurity@ifixit.comNohttp://www.ifixit.com/Info/responsible_disclosure
33
LastPasshttps://lastpass.com/Emailsecurity@lastpass.com1.703.712.8315https://lastpass.com/support_security.php
34
Lookouthttps://www.lookout.com/Emailsecurity@lookout.comhttps://www.lookout.com/pgp-key.txtNohttps://www.lookout.com/responsible-disclosure
35
Megahttp://mega.co.nzEmailbugs@mega.co.nzYeshttps://mega.co.nz/#blog_6
36
Microsofthttps://www.microsoft.comEmailsecure@microsoft.comhttps://technet.microsoft.com/en-us/security/bulletin/pgpYeshttp://www.microsoft.com/security/msrc/report/bountyprograms.aspxhttps://www.microsoft.com/security/msrc/report/disclosure.aspxhttp://technet.microsoft.com/en-us/security/cc308575
37
Mozillahttps://www.mozilla.org/en-US/Email/Bugzillasecurity@mozilla.orghttps://bugzilla.mozilla.org/https://www.mozilla.org/security/#pgpkeyYeshttp://www.mozilla.org/security/bug-bounty.html
38
Netflixhttps://netflix.com/Emailsecurity-report@netflix.comhttps://support.netflix.com/en/node/6657Nohttps://support.netflix.com/en/node/6657
39
Nokia Siemens NetworkEmailsecurity-alert@nsn.comhttp://pgp.mit.edu:11371/pks/lookup?op=vindex&search=0x07E71F9D08EA4CB7Nohttp://www.nokiasiemensnetworks.com/about-us/responsible-disclosure
40
Oraclehttp://www.oracle.com/???security@oracle.comhttp://www.oracle.com/technetwork/topics/security/encryptionkey-090208.htmlNo
41
Paypalhttps://www.paypal.com/Emailsitesecurity@paypal.comhttps://www.paypalobjects.com/en_US/html/SecurityCenter/PayPalSiteSecurity.txtYeshttps://www.paypal.com/us/webapps/mpp/security/reporting-security-issues
42
Puppet Labshttps://puppetlabs.comEmailsecurity@puppetlabs.com1.877.575.9775Nohttps://puppetlabs.com/security/acknowledgments/
43
Reddithttp://www.reddit.com/Emailsecurity@reddit.comNohttp://www.reddit.com/wiki/whitehat
44
Salesforcehttps://www.salesforce.com/Emailsecurity@salesforce.comNohttps://www.salesforce.com/in/company/disclosure.jsp
45
Samsung SmartTVhttps://samsungtvbounty.com/Web Formhttps://samsungtvbounty.com/ReportBug.aspxYeshttps://samsungtvbounty.com/disclosure-policy.html
46
Simplehttps://www.simple.com/Emailsecurity@simple.comhttps://www.simple.com/policies/website-security/Nohttps://www.simple.com/policies/website-security/
47
SoundCloudhttps://soundcloud.com/Emailsecurity@soundcloud.comNohttp://help.soundcloud.com/customer/portal/articles/439715-responsible-disclosure
48
Symantechttps://www.symantec.comEmailsecure@symantec.comhttps://static1.symanteccontent.com/security/Symantec-Vulnerability-Management-Key.ascNohttps://static1.symanteccontent.com/en/uk/security/
49
T-Mobilehttps://www.t-mobile.com/Emailthecirt@t-mobile.comNo
50
Tarsnaphttps://www.tarsnap.com/Emailcperciva@tarsnap.comhttps://www.tarsnap.com/tarsnap-cperciva-key.ascYeshttps://www.tarsnap.com/bugbounty.html
51
Twitterhttps://twitter.com//Web Formhttps://support.twitter.com/forms/securitysecurity@twitter.comhttps://dev.twitter.com/docs/security/public-keyNohttps://twitter.com/about/security
52
Ubuntuhttp://www.ubuntu.com/Bug Reporthttps://bugs.launchpad.net/ubuntu/+filebugsecurity@ubuntu.comNohttp://www.ubuntu.com/usn/
53
Veracodehttps://www.veracode.com/Nohttps://www.veracode.com/responsible-disclosure/responsible-disclosure-policy.html
54
Yahoo Inc.http://www.yahoo.comEmailsecurity@yahoo-inc.comNo
55
Zendeskhttps://www.zendesk.com/Emailsecurity@zendesk.comNohttps://www.zendesk.com/company/responsible-disclosure-policy
56
Zyngahttp://zynga.com/Emailsecurity@zynga.comhttp://company.zynga.com/security@zynga.com.ascNo
Loading...
Main menu