Proton security response center

We are the Proton Security team, responsible for working with security researchers to protect our apps and your data. Your security is our top priority.

Bug bounty program

Security researchers are integral to finding bugs that were missed in our development process. If you find a qualifying bug, we will acknowledge your contribution and give you a bounty award.

Learn more about our bug bounty program

Vulnerability disclosure policy

Our guidelines for security researchers on how to conduct ethical research and coordinate disclosure of security vulnerabilities to Proton.

Read our vulnerability disclosure policy

Safe harbour policy

Proton’s legal safe harbor policy granting protection from liability when reporting vulnerabilities through our bug bounty program.

Read our safe harbor policy

Report a bug

If you’ve found a bug, report it to us directly. This helps us make our apps better and more secure.

Submit a report

Proton news

Learn more about Proton’s services, latest updates, security audits, and engineering work.

Read Proton news

Threat and security models

Proton services are designed to guard against a broad range of threats, though no app can guarantee your security.
Our threat models describe the threats Proton services can and cannot counter, and our security models offer an in-depth, technical explanation of how our services’ encryption works...