Responsible Vulnerability Disclosure

Security researchers interested in reporting security vulnerabilities to the Netflix security team can do so via our Bug Bounty program.

If you are a Netflix member and have questions concerning fraud or malware, please see the following support pages:

If you are a customer seeking information on your account, billing, or site content, please reach out to customer support via phone or live chat.

Security Researcher Hall of Fame

Netflix would like to thank the following researchers for participating in our responsible disclosure program.

Participating Security Researchers - 2018

  • Zhiyong Feng (@YongShao_feng)

  • Giannino Cuignet (@Zettersploit)

  • Mateusz Olejarka (@molejarka)

  • Nathan Kift

  • 3p1c

  • Anon_Hunter

  • ansariosama

  • bbuerhaus

  • Bitquark

  • bored-engineer

  • cablej

  • dawgyg

  • DDV_UA

  • dkd

  • fransrosen

  • fyoorer

  • Gillis57

  • hateshape

  • infosec_au

  • kazan71p

  • Khalidamin

  • Lucio

  • Mahmoud0x00

  • mattreduce

  • mhmdiaa

  • mongo

  • mystech7

  • phackt

  • pranav_hivarekar

  • randomdeduction

  • reptou

  • restricted

  • Tak

  • TechGuySarath

  • testalways

  • vhssunny1

  • vijay_kumar1110

  • yassineaboukir

Participating Security Researchers - 2017

  • Sumit Sahoo (@54H00)

  • Suyog Palav (@SuyogPalav555)

  • Maurice Dibbets

  • Jon Bottarini (@jon_bottarini)

  • Dhaval Chauhan (@17haval)

  • Jean St-Laurent (@JeanDebogue)

  • Eusebiu Blindu (@testalways)

  • Akash Saxena (@AkashSaxena21)

  • Joshua Hnat

  • Jack Whitton (@fin1te)

  • Warren Doyle (@wdoyle2)

  • Ashish Kumar Agarwal (@ashishag29)

  • Marek Szustak (@mszustak)

  • GwanYeong Kim (@sec_karas)

  • Raad Firas Haddad (@raadfhaddad)

  • Rémy Marot (@R_Marot)

  • Vineet Kumar (@the_real_clown)

  • Wen Bin KONG (@kongwenbin)

  • Dor Shahaf

  • Ali Hassan Ghori (@alihasanghauri)

  • Vinicius Valerio (@5ub50l0)

  • 0ang3el

  • ashishag29

  • bbhunter

  • bigBugGuy

  • cha5m

  • darshitvarotaria

  • Ebrietas

  • fuzzybear

  • harisec

  • HusseiN98D

  • IamBull

  • jeandebogue

  • Joseph96

  • jutsuce

  • KernelPanic

  • koen

  • kongwenbin

  • Lucio

  • magic

  • mhmdiaa

  • mlitchfield

  • molejarka

  • mongo

  • Myster

  • Nahamsec

  • oxy_gen

  • raad

  • Ramirez

  • reptou

  • restricted

  • robinooklay

  • sh3ll

  • swapneil

  • testalways

  • tvmpt

  • ulas

  • Wh11teW0lf

  • yellowflash

  • zeecoder

Participating Security Researchers - 2016

  • Fredrik Nordberg Almroth (@almroot)

  • Ofer Gayer (@ZigZag_IL)

  • Daniel Bakker (@jackds1986)

  • Ahmed Adel Abdelfattah (@00SystemError00)

  • Mustafa Hasan (@strukt93)

  • Gerardo Venegas (@v0raz)

  • Mikołaj Dądela (@mik01aj)

  • Marwan Medhat (@SpringStatue)

  • Nenad Borovčanin (@nenad_b97)

  • Bernardo Diaz (@bada_77)

  • Caden Sumner (@CadenSumner)

  • David Moore (@grajagandev)

  • Eric Head (@codecancare)

  • Ruslan Bakhvala (@ruslan_bakhvala)

  • Robert Adam (@robertadam0)

  • Brett Buerhaus (@bbuerhaus)

  • Ben Sadeghipour (@NahamSec)

  • Jake Reynolds (@jreynoldsdev)

  • Mohammad Aman Khan (@khn_amn)

  • Keith Gardner (@kreios4004)

  • Anas Falhi (@M0ti0nl3ss_)

  • Jon Bottarini (@jon_bottarini)

  • Teemu Kääriäinen (@NixuTigerTeam

  • Tommy DeVoss (@thedawgyg)

  • David Mann (@stembrain)

  • Anand Bhat (@_anandbhat)

  • Shay Shavit (@Chapakpuk)

  • Djaballah Mohamed Taher (@Djaballah_Med_T)

  • Rakesh Chinna (@rakesh_3895)

  • Naftali Rosenbaum

  • Arne Swinnen (@arneswinnen)

  • David Wind (@slashcrypto)

  • Michael Carlson (@blainecarlson)

  • Yasin Soliman (@SecurityYasin)

  • Abner Mendoza

  • Phakpoom Chinprutthiwong

  • Suleman Malik (@sulemanmalik_3)

  • Ali Hassan Ghori (@alihasanghauri)

  • 0ang3el

  • adrianbelen

  • arneswinnen

  • blum

  • Chapuka

  • Djaballah-Mohamed-Taher

  • fdivrp

  • greyhat

  • Lucio

  • mikkz

  • mongo

  • mszustak

  • reactors08

  • rsaxvc

  • rshupak

  • slashcrypto

  • ulas

  • vhssunny1

  • ysx

Participating Security Researchers - 2015

  • Fredrik Nordberg Almroth (@almroot)

  • Jonathan Conerly

  • Ali Hassan Ghori (@alihasanghauri)

  • Behrouz Sadeghipour and Patrik Fehrenbach (@NahamSec)

  • Stephen Tomkinson (@neonbunny9)

  • David Dworken (@ddworken)

  • White Rabbitz (GER)

  • Christopher Presley (@The_Beard_Lives)

  • @insaneasusual

  • Mo'men Basel (@MomenBassel)

  • jamm0 (@jamm0us)

  • MentaL (@ragezone)

  • Frank B. Vickers (@SarccastikDude)

  • Ashar Javed (@soaj1664ashar)

  • Abdel Hafid Ait Chikh (@HafidAitChikh)

  • Guillaume Prieur (@gplaurin)

  • Jesse Clark (@Hogarth45_ND)

  • Ryan Preston (@ripr4p)

  • Mikael Byström (@gsocgsoc)

  • Tod Beardsley (@todb)

Participating Security Researchers - 2014

  • Ali Hassan Ghori (@alihasanghauri)

  • Cameron Crowley (@crowley_cam)

  • S.Venkatesh (@PranavVenkatS)

  • Rodolfo Godalle, Jr. (@rodgodalle)

  • Garrett Calpouzos (@GCalps)

  • Guillermo Gabarrín (@ggabarrin9)

  • Kamil Sevi (@kamilsevi)

  • Waqeeh Ul Hasan (@dowaqeeh)

  • Jared Perry (@jared_perry)

  • Robert Williamson (@bobbyman3)

  • Burak Bakir (@pr3d1c7)

  • Andrew Neculaesei (@neculaesei)

  • Ketan Sirigiri (@Cigniti)

  • Gineesh George (@g1n1_influenza)

  • Dan Singerman (@dansingerman)

  • Kenneth F. Belva (@infosecmaverick)

  • Akbar Qureshi (@_AkbarQ)

  • Web Plus

  • Ch. Muhammad Osama (@ChMuhammadOsama)

  • Nitin Goplani (@nitingoplani88)

  • Marcin Piosek (@piochu)

  • Abderrazak YS. (@Y33OULS)

  • Han Lee (@_hanlee)

  • Caleb Watt (@calebwatt15)

  • Krishna Chaitanya Kadaba (@cigniti)

  • Gustavo de Oliveira (@highustavo)

  • Sergio Galán (@NaxoneZ)

  • Rafael Pablos

  • kminthant (@psxchotic)

  • Louis Nadeau (@cybpoulet)

  • Kyle Davidson (@X942_Dev)

  • Robert Verderame (@robertverderame)

  • Olivier Beg (@smiegles)

  • Tim Jenson (@timFGO)

  • Robert Daniel (@_drxp)

  • Danish Tariq

  • Justin Kennedy (@jstnkndy)

  • Christopher Presley (@The_Beard_Lives)

  • Malte Batram (@_batram)

  • David Middlehurst (@dtmsecurity)

  • Francisco Correa (@panchocosil)

  • Mohamed Abdelbaset Elnoby (@SymbianSyMoh)

  • Jack (@linkcabin)

  • David Vieira-Kurz (@secalert)

Participating Security Researchers - 2013

  • Paul Scott

  • Jack W (@fin1te)

  • Murat Suljovic

  • Rakan Alotaibi (@hxteam)

  • Reginaldo Silva (@reginaldojsf)

  • Rafay Baloch (@rafaybaloch)

  • Kamil Sevi (@kamilsevi)

  • Chiragh Dewan (@ChiraghDewan)

  • Frans Rosén

  • Sabari Selvan (@EHackerNews)

  • Adam Ziaja (@adamziaja)

  • Yuji Kosuga (@yujikosuga)

  • Emanuel Bronshtein (@e3amn2l)

  • Siddhesh Gawde

  • Malte Batram (@_batram)

  • Ahmad Ashraff (@yappare)

  • Camilo Galdos Aka Dedalo (@SeguridadBlanca)

  • Sergiu Dragos Bogdan

  • Aditya K. Sood (@AdityaKSood)

  • Mohankumar Vengatachalam (@vimokumar)

  • Johnathan Kuskos (@johnathankuskos)

  • Evgueni Erchov (@EErchov)

  • Dylan S. Hailey (@TibitXimer)

  • Rajat Bhargava

  • Ehraz Ahmed (@securityexe)

  • Abhinav Karnawat (w4rri0r)

  • Ajay Singh Negi (@AjaySinghNegi)

  • Peter Jaric (@peterjaric)

  • David Hoyt (@cloudscan)

  • Tarek Siddiki

  • Devesh Bhatt (@deveshbhatt11)

  • Defencely @Defencely

  • Matt Ashburn @mattashburn

  • Yaroslav Olejnik - O.J.A. (@oja_c7s)

  • Rupesh Reddy ( _hck3r )

  • Stewart Anderson (@StewieMAnderson)

  • Florindarck (@QuisterTow)

  • Ali Hassan Ghori (@alihasanghauri)

  • Muhammad Shahmeer (@Shahmeer_Amir)

globe