Last updated October 2021
At ProtonMail, security is our highest priority and something that we work on day and night to improve. We have been very fortunate to have several individuals and organizations step forward to assist us with security auditing. We are a small group that is largely supported by donations and grants so we typically do not offer financial incentives to security contributors. While we do have an unofficial bug bounty program, most of the contributors listed below have donated their time and effort because they believe in online privacy and the right to anonymous email.
If you would like to help audit the ProtonMail code, please reach out and let us know! And if we forgot to mention you below, let us know and we will add you right away, we actually don’t know who some of you are because ProtonMail users are anonymous.
Cyberkov – Cyberkov is a professional IT security services and consultation firm that provides a highly targeted set of security services, including but not limited to: Penetration Testing, Vulnerability Assessments, Security Assessments, Digital Forensics, Incident Response, Source Code Analysis, and Security Awareness Training. [Audit performed, May 2014, April 2016]
Hermes Security Solutions – Hermes Security Solutions offers advanced offensive security solutions, and its expert team specializes in offensive security at the business level. It performs internal audits, external audits, blind audits, advanced penetration testing, vulnerability assessments, and advanced security assessments.
M.R.Vignesh Kumar (ம.ரா.விக்னேஷ் குமார்) – Security Researcher, தமிழ்நாடு
Thomas Roth – Security Researcher
Matthew R Price
Ivan Krasin – Google Inc
Maxim Rupp – cure53.de
Mazin Ahmed [Audit performed, July 2014]
(Kai) Hrafnkell Gudmundsson
Daniel De Almeida Braga