{"id":42322324,"url":"https://github.com/antoinet/swiss-bugbounty-programs","last_synced_at":"2026-01-27T12:44:15.712Z","repository":{"id":42370586,"uuid":"421961619","full_name":"antoinet/swiss-bugbounty-programs","owner":"antoinet","description":"List of bug bounty and coordinated vulnerability disclosure programs of companies/organisations in Switzerland","archived":false,"fork":false,"pushed_at":"2025-03-15T09:25:59.000Z","size":38,"stargazers_count":72,"open_issues_count":1,"forks_count":15,"subscribers_count":8,"default_branch":"main","last_synced_at":"2025-03-15T10:25:54.511Z","etag":null,"topics":["bug-bounty","bugbounty","security","switzerland","vulnerability-management"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/antoinet.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-10-27T20:17:45.000Z","updated_at":"2025-03-15T09:26:03.000Z","dependencies_parsed_at":"2023-01-21T11:09:44.109Z","dependency_job_id":"5e356063-7521-4c4c-9756-1da5a087cb99","html_url":"https://github.com/antoinet/swiss-bugbounty-programs","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/antoinet/swiss-bugbounty-programs","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/antoinet%2Fswiss-bugbounty-programs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/antoinet%2Fswiss-bugbounty-programs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/antoinet%2Fswiss-bugbounty-programs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/antoinet%2Fswiss-bugbounty-programs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/antoinet","download_url":"https://codeload.github.com/antoinet/swiss-bugbounty-programs/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/antoinet%2Fswiss-bugbounty-programs/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28813215,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-27T12:25:15.069Z","status":"ssl_error","status_checked_at":"2026-01-27T12:25:05.297Z","response_time":168,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bug-bounty","bugbounty","security","switzerland","vulnerability-management"],"created_at":"2026-01-27T12:44:14.070Z","updated_at":"2026-01-27T12:44:15.702Z","avatar_url":"https://github.com/antoinet.png","language":null,"funding_links":[],"categories":["bugbounty"],"sub_categories":[],"readme":"This website is an attempt to list open bug bounty and coordinated vulnerability disclosure programs in Switzerland. Feel free to contribute by submitting PRs.\n\nThis listing is best viewed on [github pages](https://antoinet.github.io/swiss-bugbounty-programs/).\n\n## Bug Bounty Program\n\n| Company / Org | Visibility    | Scope        | CH Legal Safe Harbor | Notes / Comments |\n| ------------- | ------------- | ------------ | -------------------- | ---------------- |\n| [20min.ch](https://bugcrowd.com/twentyminuten) | public | selected systems | | US based Legal Safe Harbor |\n| [Abraxas](https://www.bugbounty.ch/abraxas) | public | selected systems | yes | [Public Blog](https://blog.abraxas.ch/de) about their Bug Bounty experiences |\n| [Abraxas](https://www.abraxas.ch/bugbounty) | semi-public | selected systems | yes |  |\n| [Airlock](https://hackerone.com/airlock) | semi-public | selected systems |  | |\n| [BLS AG](https://app.gobugfree.com/programs/bls/protected) | semi-public | selected systems | yes | |\n| [Compass Security](https://bugbounty.compass-security.com/bug-bounties/compass-bug-bounty) | public | organization | yes | |\n| [fidentity AG](https://app.gobugfree.com/programs/fidentity) | public | selected systems | yes | |\n| [GObugfree](https://app.gobugfree.com/programs/bbh) | public | selected systems | yes | |\n| [Hacking-Lab](https://bugbounty.compass-security.com/bug-bounties/hacking-lab-bug-bounty) | public | organization | yes | |\n| [Hostpoint](https://www.hostpoint.ch/bugbounty/) | public | organization | | |\n| [Just Eat](https://www.just-eat.ch/bugbounty) | public | selected systems | | |\n| [localsearch](https://www.swisscom.ch/en/about/security/bug-bounty.html) | public | organization | yes | Runs as part of the Swisscom bug bounty program |\n| [netplus.ch SA](https://app.gobugfree.com/programs/netplus/protected) | semi-public | selected systems | yes | |\n| [Proton.me](https://proton.me/blog/protonmail-bug-bounty-program) | public | selected systems | | |\n| [Proton.me](https://www.bugbounty.ch/proton/) | semi-public | selected systems | yes | semi-private incubator to scale up the existing, public program |\n| [Proton VPN](https://protonvpn.com/blog/bug-bounty-program/) | public | selected systems | | |\n| [Republik](https://app.gobugfree.com/programs/republik) | public | selected systems | yes | |\n| [Ringier](https://go.bugbounty.ch/programs) | semi-public | selected systems | yes | |\n| [Roche](https://hackerone.com/roche) | semi-public | selected systems | yes | [Hackerone Gold Standard Safe Harbor](https://docs.hackerone.com/organizations/safe-harbor-faq.html) |\n| [SCIP](https://www.scip.ch/?bugbounty) | public | organization | | |\n| [SIX Group](https://www.six-group.com/en/company/governance/security.html) | semi-public | organization | yes | |\n| [Swiss Post](https://www.post.ch/en/about-us/responsibility/swiss-post-bug-bounty) | public | selected systems | yes | |\n| [Swisscom (AS 3303)](https://www.swisscom.ch/en/about/security/bug-bounty.html) | public | organization | yes | |\n| [Threema](https://app.gobugfree.com/programs/threema) | public | selected systems | yes | |\n| [TX Group](https://bugcrowd.com/tamedia) | public | selected systems | | US based Legal Safe Harbor |\n\n## Vulnerability Disclosure Policy\n\n| Company / Org | CH Legal Safe Harbor | Notes / Comments |\n| ------------- | -------------------- | ---------------- |\n| [ABB Group](https://global.abb/group/en/technology/cyber-security/alerts-and-notifications) |  | |\n| [Bexio](https://www.bexio.com/en-CH/policies/responsible-disclosure-policy) |  | |\n| [Cern](https://home.cern/sites/home.web.cern.ch/files/security.txt) |  | |\n| [Covid-19 certificate system](https://www.ncsc.admin.ch/ncsc/en/home/dokumentation/covid-certificate-pst/infos.html) | yes | |\n| [Digitec](https://www.digitec.ch/security)/[Galaxus](https://www.galaxus.ch/security) | yes | |\n| [EBU](https://www.ebu.ch/about/contact-us/vulnerability-disclosure) |  | |\n| [Kistler](https://www.kistler.com/en/vulnerability-disclosure-policy/) | yes | |\n| [Nexthink](https://www.nexthink.com/responsible-disclosure-policy/) |  | |\n| [SBB CFF FFS](https://company.sbb.ch/en/sbb-as-business-partner/services/vulnerability-disclosure-policy.html) | yes | |\n| [Shift Crypto](https://shiftcrypto.ch/policies/bug-bounty-policy/) |  | |\n| [Swiss Government](https://www.ncsc.admin.ch/ncsc/en/home/infos-fuer/infos-it-spezialisten/themen/schwachstelle-melden.html) |  | |\n| [SwissCovid Proximity Tracing System](https://www.ncsc.admin.ch/ncsc/en/home/dokumentation/covid-public-security-test/infos.html) | yes | |\n\n\n## security.txt\n\n| Company / Org | Notes / Comments |\n| ------------- | ---------------- |\n| [Abraxas](https://www.abraxas.ch/.well-known/security.txt) | |\n| [Abuse.ch](https://abuse.ch/.well-known/security.txt) | |\n| [Compass Security](https://www.compass-security.com/.well-known/security.txt) | |\n| [Cyon](https://www.cyon.ch/.well-known/security.txt) | |\n| [Digitec](https://www.digitec.ch/.well-known/security.txt) | |\n| [FAIRTIQ](https://fairtiq.com/.well-known/security.txt) | |\n| [Galaxus](https://www.galaxus.ch/.well-known/security.txt) | |\n| [Hacking-Lab](https://hacking-lab.com/.well-known/security.txt) | |\n| [Hostpoint](https://hostpoint.ch/.well-known/security.txt) | |\n| [Infomaniak](https://www.infomaniak.com/security.txt) | |\n| [International Labour Organization](https://ilo.org/.well-known/security.txt) | |\n| [Open Systems](https://www.open-systems.com/.well-known/security.txt) | |\n| [Pentagrid](https://www.pentagrid.ch/.well-known/security.txt) | |\n| [Pädagogische Hochschule Zürich](https://phzh.ch/.well-known/security.txt) | |\n| [Quickline (AS 15600)](https://www.as15600.net/.well-known/security.txt) | |\n| [Raiffeisen Schweiz Genossenschaft](https://www.raiffeisen.ch/.well-known/security.txt) | |\n| [Redguard](https://www.redguard.ch/.well-known/security.txt) | |\n| [Roche](https://www.roche.com/.well-known/security.txt) | |\n| [Rolex](https://www.rolex.com/.well-known/security.txt) | |\n| [Seantis](https://www.seantis.ch/.well-known/security.txt) | |\n| [SwissAnwalt](https://swissanwalt.ch/.well-known/security.txt) | |\n| [Swisscanto](https://www.swisscanto.com/.well-known/security.txt) | |\n| [Schwyz (Canton)](https://www.sz.ch/.well-known/security.txt) | |\n| [Swissquote Bank](https://en.swissquote.com/.well-known/security.txt) | |\n| [SWITCH (AS559)](https://www.switch.ch/.well-known/security.txt) | |\n| [Zürcher Kantonalbank (ZKB)](https://www.zkb.ch/.well-known/security.txt) | |\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fantoinet%2Fswiss-bugbounty-programs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fantoinet%2Fswiss-bugbounty-programs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fantoinet%2Fswiss-bugbounty-programs/lists"}