Report a Security Vulnerability

Overview
Acknowledgement

At Proofpoint our top priority is protecting the way people work today. We value the security research community and encourage responsible reporting of potential security vulnerabilities. Our security team is dedicated to working with you to validate and respond to legitimate reports. If you believe you've identified a potential security vulnerability, please email your discovery to

We encourage people who contact Proofpoint Security to use email encryption, using our PGP encryption key:

Encryption Key

Fingerprint 806E 0096 7B5E 6E50 4C6B 083D 88B3 C1DA 8125 69D4

We ask that you do not share or publicize an unresolved vulnerability. If you responsibly submit a vulnerability report, the Proofpoint security team will use reasonable efforts to:

- Validate the reported vulnerability. If additional information is required in order to validate or reproduce the issue, Proofpoint will work with you to obtain it
- Keep you informed of our progress as we investigate your reported security concern
- Notify you when the vulnerability has been fixed
- Publicly acknowledge your responsible disclosure (unless you prefer anonymity)

Hall of Fame

Proofpoint appreciates every security researcher who submits a vulnerability report which helps us improve our security and that of our customers. We maintain a Hall of Fame to recognize contributors for working with our Security team to resolve these vulnerabilities. If you have reported a vulnerability in the past but do not see your name listed below, please reach out to us at

The individuals and organizations listed in our Hall of Fame have given us permission to publicly acknowledge their efforts.

2019

Johnny Yu

Twitter: straight_blast

Vismit Sudhir Rakhecha (Druk)
LinkedIn: vismit-sudhir-rakhecha-76209523

2018

Raul Jimenez, Cory Thompson, Peter Yu
Texas A&M Rural and Community Health Institute

Ismail Tasdelen
LinkedIn: ismailtasdelen

Vineet Kumar

2017

David Krause
HCA Healthcare

Pal Patel
Facebook: sam.patel.9822

Hanson Nottingham
Cyber Security | Red Team
Blue Shield of California

Guifre Ruiz
Twitter: guifreruiz

Edward Farrell
Mercury Information Security Services

2016

Eusebiu Blindu
Twitter: testalways

Thomas SABONO

Borja Berastegui

2015

Ketankumar B. Godhani
LinkedIn: ketankumargodhani

Henri Salo

Email Protection

Advanced Threat Protection

Security Awareness Training

Cloud App Security

Archiving and Compliance

Information Protection

Digital Risk Protection

Office 365

EU General Data Protection Regulation (GDPR)

Next Generation Compliance Solutions

Email Fraud

Digital Brand, Security and Compliance Risk

Social Media Compliance

Replace McAfee Email Security Products

Channel Partners

Archive Extraction Partners

Technology and Alliance Partners

Social Media Protection Partners

Resource Library

Blog

Events Connect

Customer Stories

Webinars

About Proofpoint

Careers

Investor Center

News Center

Report a Security Vulnerability

Hall of Fame

2019

2018

2017

2016

2015

About

Threat Center

Products

Resources

Connect

Support