swiss-bugbounty-programs

List of bug bounty and coordinated vulnerability disclosure programs of companies/organisations in Switzerland

View on GitHub

This website is an attempt to list open bug bounty and coordinated vulnerability disclosure programs in Switzerland. Feel free to contribute by submitting PRs.

This listing is best viewed on github pages.

Bug Bounty Program

Company / Org Visibility Scope CH Legal Safe Harbor Notes / Comments
20min.ch public selected systems   US based Legal Safe Harbor
Abraxas public selected systems yes Public Blog about their Bug Bounty experiences
Abraxas semi-public selected systems yes  
Airlock semi-public selected systems    
BLS AG semi-public selected systems yes  
Compass Security public organization yes  
fidentity AG public selected systems yes  
GObugfree public selected systems yes  
Hacking-Lab public organization yes  
Hostpoint public organization    
Just Eat public selected systems    
localsearch public organization yes Runs as part of the Swisscom bug bounty program
netplus.ch SA semi-public selected systems yes  
Proton.me public selected systems    
Proton.me semi-public selected systems yes semi-private incubator to scale up the existing, public program
Proton VPN public selected systems    
Republik public selected systems yes  
Ringier semi-public selected systems yes  
Roche semi-public selected systems yes Hackerone Gold Standard Safe Harbor
SCIP public organization    
SIX Group semi-public organization yes  
Swiss Post public selected systems yes  
Swisscom (AS 3303) public organization yes  
Threema public selected systems yes  
TX Group public selected systems   US based Legal Safe Harbor

Vulnerability Disclosure Policy

Company / Org CH Legal Safe Harbor Notes / Comments
ABB Group    
Bexio    
Cern    
Covid-19 certificate system yes  
EBU    
Kistler yes  
Nexthink    
SBB CFF FFS yes  
Shift Crypto    
Swiss Government    
SwissCovid Proximity Tracing System yes  

security.txt

Company / Org Notes / Comments
Abraxas  
Abuse.ch  
Compass Security  
Cyon  
Digitec  
FAIRTIQ  
Galaxus  
Hacking-Lab  
Hostpoint  
Infomaniak  
International Labour Organization  
Open Systems  
Pentagrid  
Pädagogische Hochschule Zürich  
Quickline (AS 15600)  
Raiffeisen Schweiz Genossenschaft  
Redguard  
Roche  
Rolex  
Seantis  
SwissAnwalt  
Swisscanto  
Schwyz (Canton)  
Swissquote Bank  
SWITCH (AS559)  
Zürcher Kantonalbank (ZKB)