Proton security response center
We are the Proton Security team, responsible for working with security researchers to protect our apps and your data. Your security is our top priority.
Security researchers are integral to finding bugs that were missed in our development process. If you find a qualifying bug, we will acknowledge your contribution and give you a bounty award.
Vulnerability disclosure policy
Our guidelines for security researchers on how to conduct ethical research and coordinate disclosure of security vulnerabilities to Proton.
Safe harbour policy
Proton’s legal safe harbor policy granting protection from liability when reporting vulnerabilities through our bug bounty program.
Report a bug
If you’ve found a bug, report it to us directly. This helps us make our apps better and more secure.
Learn more about Proton’s services, latest updates, security audits, and engineering work.
Threat and security models
Proton services are designed to guard against a broad range of threats, though no app can guarantee your security. Our threat models describe the threats Proton services can and cannot counter, and our security models offer an in-depth, technical explanation of how our services’ encryption works...