At Proton, security is our highest priority and something that we work on day and night to improve. We have been very fortunate to have several individuals and organizations step forward to assist us with security auditing. The contributors listed below have dedicated their time and effort to helping us and participating in our Bug Bounty program because they believe in online privacy and the right to anonymous email.

If you would like to help audit the Proton Mail code, please reach out and let us know! And if we forgot to mention you below, let us know and we will add you right away, we actually don’t know who some of you are because Proton Mail users are anonymous.


Cyberkov(new window) – Cyberkov is a professional IT security services and consultation firm that provides a highly targeted set of security services, including but not limited to: Penetration Testing, Vulnerability Assessments, Security Assessments, Digital Forensics, Incident Response, Source Code Analysis, and Security Awareness Training. [Audit performed, May 2014, April 2016]

Hermes Security Solutions(new window) – Hermes Security Solutions is an offensive cybersecurity company based on hybrid pentesting. Our team, augmented by artificial intelligence, runs controlled attacks against the critical infrastructures of consolidated SMEs, Big Tech corporations, and government entities.


M.R.Vignesh Kumar (new window)(ம.ரா.விக்னேஷ் குமார்) – Security Researcher, தமிழ்நாடு

Brian Browning

Mike Cardwell

Thomas Roth – Security Researcher

Matthew R Price

Camilo Galdos AkA Dedalo(new window)

Stanislav Eremin(new window)

Eric Rafaloff(new window)

Adam Andersen(new window)

Ivan Krasin(new window) – Google Inc

Maxim Rupp(new window) –

Mar Adrian Belen(new window)

Mazin Ahmed(new window) [Audit performed, July 2014]

Prakhar Prasad(new window)

Osanda Malith Jayathissa(new window)

Kacper Rybczyński(new window)

dotchloe(new window)

Alexander Antukh(new window)

Sebastian Vasile(new window)

Shwetabh Suman(new window)

Chand Singh(new window)

Shivasurya S(new window)

Uk Hur(new window)

Sehoon Lee(new window)

Jongsung Kim(new window)

(Kai) Hrafnkell Gudmundsson

Vladimir Yakovlev(new window)

Daniel De Almeida Braga

Pierre-Alain Fouque

Mohamed Sabt

Brian Carpenter(new window)

0xtavian(new window)

Sheikh Rishad(new window)

Ibad Shah(new window)

Manojkumar J(new window) 

NDevTK(new window)

Julien Cretel(new window)

Brian Carpenter of Geeknik Labs(new window)

Ashutosh Barot(new window)

sachin kalkumbe(new window)

Piotr Smaza(new window)

Aymeric Sorek(new window)

Kunal Trivedi AKA “Zodiac”(new window)

Hamza Zaheer(new window)

Abiral Shrestha(new window)

Fabián Cuchietti at Innotec Security(new window)


Joseph Harris (Doc)(new window)

Sudip Roy

HeeChan Kim (@heegong123(new window)) of TeamH4C(new window)

Ramkumar G(new window)

Vladyslav Kotko(new window)

Suraj Mulik(new window)


Sam Schick(new window)

Abdullah Ahmet Erdem

Tushar Sharma(new window)

Talal Haj Bakry and Tommy Mysk of Mysk Inc.(new window)

Anurag Kumar(new window)

Aziz Al Aman (nxtexploit(new window))

Yash Ahmed Quashim(new window)

Thore Göbel

Arjun Singh(new window)

Karan Rathod(new window)

Ali Mansour(new window)

Garv Kataria(new window)

Arvind(new window)

Dr. Peter Hinz

Santhoshkumar Chandramohan(new window) of Ironclad Cyber Security

Deepak Saini(new window)

Alexander Staalgaard(new window)

Marek Tóth(new window)

Ramkumar G(new window)

Will Dorman(new window) of Vul Labs(new window)

Kolja Grassmann of cirosec(new window)

Safwat Refaat

Jaeheun Han

Tomáš Starý(new window)

HeeChan Kim(new window) of TeamH4C(new window)

Mike Cardwell(new window)

Talal Haj Bakry and Tommy Mysk of Mysk Inc.(new window)

Protect your privacy with Proton
Create a free account

Related articles

People and companies are generally subject to the laws of the country and city where they are located, and those laws can change when they move to a new place. However, the situation becomes more complicated when considering data, which can be subjec
Your online data is no longer just used for ads but also for training AI. Google uses publicly available information to train its AI models, raising concerns over whether AI is even compatible with data protection laws. People are worried companies
iPhone stores passwords in iCloud Keychain, Apple’s built-in password manager. It’s convenient but has some drawbacks. A major issue is that it doesn’t work well with other platforms, making it hard for Apple users to use their passwords and passkeys
There are many reasons you may need to share passwords, bank details, and other highly sensitive information. But we noticed that many people do this via messaging apps or other methods that put your data at risk. In response to the needs of our com
Large language models (LLMs) trained on public datasets can serve a wide range of purposes, from composing blog posts to programming. However, their true potential lies in contextualization, achieved by either fine-tuning the model or enriching its p
is Google Docs secure
Your online data is incredibly valuable, particularly to companies like Google that use it to make money through ads. This, along with Google’s numerous privacy violations, has led many to question the safety of their information and find alternative