Proton

Our top priority has always been the security of our community, which is why we are happy to announce our partnership with Bug Bounty Switzerland(new window) and our new private bug bounty program made up of expert ethical hackers and security researchers.

Bug Bounty Switzerland has successfully led some of Switzerland’s largest bug bounty programs and public scrutiny initiatives. Thousands of security researchers have participated in their programs to secure Swiss companies, public sector organizations, and critical infrastructure. They will manage our private bug bounty program and help us build an even stronger security community around our products. 

We invite all sophisticated hackers and researchers with experience searching for, identifying, and addressing advanced hacks and techniques used by nation-states, criminal organizations, or other bad actors to apply for this program. We are specifically looking for demonstrated expertise in the following areas:

  • Finding vulnerabilities in mail and communication systems
  • Compromising encryption techniques
  • Compromising backend APIs
  • Hacking mobile applications, Windows, Linux, or Apple systems
  • Researching VPN technology

Proton will reward people for reporting vulnerabilities in our products. Key focus areas include:

  • Vulnerabilities that will compromise a Proton user’s personal data
  • Compromising Proton’s encryption (password leaks, private keys, etc.)
  • The ability to demonstrate unauthorized access to customer data (such as email, calendar, etc.)
  • Demonstrating EOP, sensitive information disclosure, or availability vulnerabilities in Proton products
  • Compromising Proton API or server infrastructure
  • Demonstrating the ability to compromise applications running on mobile devices, Windows, Linux, and Apple

Proton strives to maintain the highest software security standards for our products, and we pride ourselves on our ability to adapt and use the best security practices within our software development life cycle. We are committed to working closely with qualified security researchers to ensure that our products are as secure as possible. If you are interested in participating in this bounty program, you can apply at https://www.bugbounty.ch/proton(new window).

Related articles

The cover image for a Proton Pass blog comparing SAML and OAuth as protocols for business protection
en
SAML and OAuth help your workers access your network securely, but what's the difference? Here's what you need to know.
Proton Lifetime Fundraiser 7th edition
en
Learn how to join our 2024 Lifetime Account Charity Fundraiser, your chance to win our most exclusive plan and fight for a better internet.
The cover image for a Proton Pass blog about zero trust security showing a dial marked 'zero trust' turned all the way to the right
en
Cybersecurity for businesses is harder than ever: find out how zero trust security can prevent data breaches within your business.
How to protect your inbox from an email extractor
en
  • Guias de privacidade
Learn how an email extractor works, why your email address is valuable, how to protect your inbox, and what to do if your email address is exposed.
How to whitelist an email address and keep important messages in your inbox
en
Find out what email whitelisting is, why it’s useful, how to whitelist email addresses on different platforms, and how Proton Mail can help.
The cover image for Proton blog about cyberthreats businesses will face in 2025, showing a webpage, a mask, and an error message hanging on a fishing hook
en
Thousands of businesses of all sizes were impacted by cybercrime in 2024. Here are the top cybersecurity threats we expect companies to face in 2025—and how Proton Pass can protect your business.