We protect
open source code.

Earn money for finding & fixing security vulnerabilities in open source projects and be recognised for protecting the world.

90% of users

Got their first CVE

1.7 CVEs

Avg. per user

Our code runs in 100+ repos

Back glow Disclosure page

The biggest bug bounty board in the world

With an almost unlimited scope, you will never fight with someone else over the same bounty.

Submit a disclosure

Back glow Bounty disclosure detail page

Public write-ups

Once validated and patched, your disclosure write-up will be public.

Bounty list page

Pick and fix

If you don't have the skill to disclose, we also reward bounties for fixing verified vulnerabilities.

Browse live bounties

GitHub interaction screenshot

Work with the best

Collaborate and build relationships with the linchpins of open source: maintainers.

CVE GitHub screenshot

Be globally recognised

As a CNA, we can assign CVEs against your verified advisories.

User profile page screenshot

Show off

Your work, impact and achievements in one public place.