Let's secure open source code, together

Find and fix open source vulnerabilities - be recognised for protecting millions developers and organisations!

No email/password required!

How it works

Open source security made simple


Dive into open source, and discover new vulnerabilities


Pick a bounty, submit your fix, and show off your skills


We review weekly, with cash and credits to be won


Meet new people, work together and develop your profile


Think you have found a vulnerability in open source?

Sign in with GitHub

At the click of a button, you can join our platform with your GitHub account and get started.

Submit your findings

Find a vulnerability, fill out our disclosure template, and submit your pull request.

Earn your reward

After we have verified your disclosure, you get paid!



Got the skills to fix a vulnerability in open source?

Pick a vulnerability

Check out the bounty board, pick one that suits you, and create a fork.

Submit your fix

Simply download the code, write your patch, and open a pull request.

Challenge yourself

Take on difficult bounties, work your way up the leaderboard, and develop your personal profile.

Where we've been

Good will fixing

All fixes and disclosures we receive are pumped back into the open source ecosystem,
so everyone benefits.

All for one and one for all

We want to work with you to ensure that we are helping secure open source in the ways that matter most. Have an idea? Get in touch!

Backed by enterprise

We work with organisations who are enthusiastic about paying their fair share to keep the open source ecosystem secure.

Ready to contribute to open source?