Bitpanda believes effective disclosure of security vulnerabilities requires mutual trust, respect, transparency and common good between Bitpanda and Security Researchers. Together, our vigilant expertise promotes the continued security and privacy of Bitpanda customers, products, and services.
Bitpanda accepts vulnerability reports from all sources, such as independent security researchers, industry partners, vendors, customers and consultants. Bitpanda defines a security vulnerability as an unintended weakness or exposure that could be used to compromise the integrity, availability or confidentiality of our products and services.
This policy applies to any digital assets owned, operated, or maintained by Bitpanda, including public facing websites.
Bitpanda recommends that security researchers share the details of any suspected vulnerabilities across any asset owned, controlled, or operated by Bitpanda (or that would reasonably impact the security of Bitpanda and our users) using the web form below. The Bitpanda Security team will acknowledge receipt of each vulnerability report, conduct a thorough investigation, and then take appropriate action for resolution.
Rewards will be paid out in Bitcoins (BTC)
Payments will be made exclusively through our platform. To do so, you must have a verified account in Bitpanda. Once your submission is accepted, please provide either of the following to receive your reward:
Before submitting a report, please familiarize yourself with the Bitpanda Security Bug Bounty Program, which includes pertinent details, documentation, and vulnerability classifications. Please follow this link to access the program: