swa66 - 8:56 pm on Jun 25, 2013 (gmt 0)
Apple only has a published email address ( email@example.com) to contact them, no bounty program AFAIK. Apple does systematically give credit to those that help them.
(Miscrosoft does too, but only if you follow their rules and have the patience needed for their slow process)
Google has a Bounty program.
Vendors and products:
CCBbill: [ccbill.com...] and [ccbill.com...]
Cisco Meraki: [meraki.cisco.com...]
Coinbase (bitcoin): https://coinbase.com/whitehat
Google's program: [google.com...]
Hex ray (IDA): https://www.hex-rays.com/bugbounty.shtml
Samsung (smart TV): https://samsungtvbounty.com/
Beyond security: [beyondsecurity.com...]
Exploithub (they sell exploits ina marketplace, I won't link)
Packet Storm: [packetstormsecurity.com...]
There are more programs out there, I've not tried to keep a complete list, and there are also quite a few that just give mentions, links, t-shirts and the like - I've also not included those above.
I hope the links are OK. As far as I know none are dangerous to visit. BUT not everything might be suitable for work. Take care if your corporate security is rather tight, they might disapprove of some of the content.