Cybersecurity

Singapore government announces third HackerOne bug bounty program

HackerOne, the leading hacker-powered security platform, today announced it will partner with the Government Technology Agency of Singapore (GovTech) and the Cyber Security Agency of Singapore (CSA), to work with hackers from all over the world to further protect Singapore citizens by testing public-facing government systems. This is HackerOne’s third bug bounty initiative with the Singapore Government, following successful prior programs with GovTech and MINDEF Singapore.

The bug bounty initiative will invite a select group of proven ethical hackers to test GovTech’s systems in exchange for a monetary reward, or bounty, for valid reported security weaknesses. Bug bounty programs are an industry best practice, implemented by public and private sector organizations across industries and regions. GovTech Singapore joins government agencies like Singapore MINDEF, the U.S. Department of Defense, U.S. General Service Administration, NCSC, and the European Commission who have selected HackerOne to leverage the global hacker community to detect unknown security vulnerabilities before they can be exploited by criminals. Other leading organizations that work with hackers to improve cybersecurity include Alibaba, Grab, Toyota, PayPal, Google Play, Nintendo, General Motors, Starbucks, and others.

“GovTech and the Singapore Government are among the world’s leaders in cybersecurity,” said Paul Griffin, Director of Program Management at HackerOne. “Tapping the skilled and global hacker community is the most efficient way to approach security testing. The latest bug bounty program continues to signal momentum in the constant battle against malicious actors on the Internet.”

The Singapore Government’s latest bug bounty program is part of a strategic initiative and commitment to building a secure and resilient Smart Nation by strengthening collaboration with the cybersecurity industry and community. GovTech’s bug bounty program will run from July to August 2019 and will cover nine Internet-facing government digital services and information and communication technology systems with high user interaction. Roughly 200 proven international hackers and 100 local hackers will be invited to participate based on previous performance metrics on the HackerOne platform. Bounties for this GovTech program will range from US$250 to US$10,000 per valid unique security vulnerability report, depending on severity. Results of the program will be announced on September 2019.

This third HackerOne bug bounty program and follows the success of GovTech’s prior bug bounty program, which concluded in February 2019. About 400 local and overseas ethical hackers took part in the most recent GovTech bug bounty program, uncovering 26 vulnerabilities and earning participating hackers a total of nearly US$12,000 in bounties. Similarly, MINDEF concluded a successful bug bounty challenge in early 2018 with HackerOne hackers, resulting in 35 safely resolved security weaknesses.

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.