Matomo is the leading open-source analytics solution free from data limitations.
As our mission states, we aim to create, as a community, the leading open digital analytics platform that gives every user full control of their data.
To do this, we operate a Security Bug Bounty Programme. This programme is designed to reward the hard work of skilled security researchers who sacrifice their time and energy to find and report security and vulnerabilities.
To continue our investment in security, privacy and transparency, we are increasing the security bug bounty reward to as much as $10,000 USD. This is an increase of 100% from our previous 2020 bug bounty announcement.
How much can I earn for reporting security bugs?
Reward amounts vary depending on the impact:
- Low issues receive $222
- Medium issues receive $555
- High issues receive $1,000
- Critical issues receive $10,000
How can I take part?
As of January 2022, global independent security researchers have identified and suggested 138 security related improvements. If you are interested in joining this growing community, head to our Security Bug Bounty Programme to find out how you can take part.
We thank you for keeping Matomo safe for our users and theirs.
Matomo is the leading open-source analytics solution free from data limitations. Make more informed decisions and enhance your customer experience while ensuring data privacy and ownership. Matomo is the trusted solution for over 1.5 million websites globally. Take back control of your data ownership and challenge the status quo.