HackerOne has unveiled a partnership with the Government Technology Agency of Singapore (GovTech) and the Cyber Security Agency of Singapore (CSA) in an effort to reduce risk and boost cyber security practices.
As a hacker-powered security platform, HackerOne will work with hackers from across the world to test public-facing government systems in Singapore. The move represents HackerOne’s third bug bounty initiative with the Singapore Government, following prior programs with GovTech and MINDEF Singapore.
The initiative will invite a select group of “proven ethical hackers” to test GovTech’s systems in exchange for a monetary reward, or bounty, for valid reported security weaknesses.
GovTech Singapore joins government agencies such as Singapore MINDEF, the U.S. Department of Defense, U.S. General Service Administration, NCSC, and the European Commission that have selected HackerOne to leverage the global hacker community to detect unknown security vulnerabilities.
Other organisations that work with hackers to improve cyber security include Alibaba, Grab, Toyota and PayPal, in addition to Google Play, Nintendo, General Motors and Starbucks among others.
“GovTech and the Singapore Government are among the world’s leaders in cybersecurity,” said Paul Griffin, director of program management at HackerOne. “Tapping the skilled and global hacker community is the most efficient way to approach security testing. The latest bug bounty program continues to signal momentum in the constant battle against malicious actors on the Internet.”
The Singapore Government’s latest bug bounty program is part of a “strategic initiative and commitment” to build a “secure and resilient” country by strengthening collaboration with the cyber security industry and community.
GovTech’s bug bounty program will run from July to August 2019, spanning nine Internet-facing government digital services and information and communication technology systems with high user interaction.
Roughly 200 proven international hackers and 100 local hackers will be invited to participate based on previous performance metrics on the HackerOne platform.
Bounties for this GovTech program will range from $250 to $10,000 per valid unique security vulnerability report, depending on severity. Results of the program will be announced in September 2019.