Skip to main content
Polygon Labs bases its security program on ISO 27001 and follows OWASP recommendations for secure software development. Security practices are applied across all stages of operations, from development through deployment and ongoing monitoring.

Security team

Polygon Labs maintains an in-house security team of 10+ full-time security engineers and leaders. The team participates in the broader web3 ecosystem and contributes to security standards and practices across the industry.

Continuous monitoring

Polygon Labs monitors blockchain infrastructure for suspicious activity on behalf of the community. The security team works alongside Polygon Labs engineers and external industry experts to track known vulnerabilities in the space.

Periodic security assessments

Polygon Labs periodically assesses the security of its software and applications through internal testing and external engagements, including audits and penetration testing. All software and applications have been assessed multiple times. Security assessments evolve as the industry matures.

Bug bounty program

Polygon Labs runs ongoing bug bounty programs on leading platforms. Rewards reach up to $1M for reported vulnerabilities in Polygon network infrastructure. See Bug bounty programs for details on active programs and scope.

Developer community

Polygon Labs supports the developer community in surfacing vulnerabilities before they can be exploited. All code undergoes heavy testing. Development practices follow the Secure Software Development Lifecycle. See Software development for details.