HackerOne Singapore’s Government Technology Agency (GovTech), supported by the Cyber Security Agency of Singapore (CSA) announced the results of its third Government Bug Bounty Programme (GBBP), part of the Singapore Government’s ongoing initiative to build a secure and resilient Smart Nation, a government-wide initiative to improve the lives of citizens and increase business opportunities through the adoption of digital and smart technologies throughout Singapore.
Nearly 300 white hat hackers from around the world participated in GovTech’s third bug bounty program from November 18 to December 8, 2019, testing 13 public government Information and Communication Technology (ICT) systems, digital services and mobile applications with high end user touchpoints.
Hacker-powered security continues to be key in GovTech’s approach to cybersecurity, with three bug bounty programs successfully completed to date with HackerOne and a recently launched vulnerability disclosure program that allows any ethical hacker in the world to disclose a vulnerability at any time to GovTech.
Hackers discovered a total of 33 valid security vulnerabilities and earned US$30,800 in bounties, financial incentives awarded for submitting valid security vulnerabilities, making this the most successful program to date for the agency. Hackers from across the globe participated, including 72 local Singaporean hackers.
GovTech’s first bug bounty challenge was launched in December 2018 and a second program in July 2019. HackerOne continues to be selected to manage GovTech’s bug bounty programmes because of its proven track record of success with government agencies globally, including its work with the U.S. Department of Defense and the European Commission. HackerOne has the largest global ethical hacker community – over 600,000 strong representing 170 countries around the world.
The Singapore Government announced last month a budget commitment of one billion Singaporean dollars over the next three years to help the government’s cyber and data security capabilities.