IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Singapore government expands bug bounty programme

White hat hackers could earn up to $5,000 for any vulnerabilities they report through HackerOne

The Singapore government is expanding its bug bounty programme to enable which white hat hackers to earn up to $5,000 for vulnerabilities they report through HackerOne.

The Government Technology Agency (GovTech) has launched a new Vulnerability Rewards Programme (VRP) as part of its Government Bug Bounty Programme (GBBP) and Vulnerability Disclosure Programme (VDP) which it says will supplement its suite of cyber security capabilities.

The VRP aims to continuously test a wider range of critical ICT systems necessary for the continuous delivery of essential services in the country’s digital economy, the government stated.

The programme offers monetary rewards ranging from $250 to $5,000 to white hat hackers depending on the severity of vulnerabilities discovered. It is also offering a special bounty of $150,000 for the discovery of vulnerabilities that could cause “exceptional impact on selected systems and data”, which is benchmarked against other bounty programmes conducted by global tech firms like Google and Microsoft.

“Since the launch of our first crowdsourced vulnerability discovery programme in 2018, we have partnered with over 1,000 highly skilled white hat hackers to discover about 500 valid vulnerabilities,” said Lim Bee Kwan, assistant chief executive for governance and cybersecurity at GovTech.

Related Resource

The Total Economic Impact™ of Mimecast

Cost savings and business benefits enabled by using Mimecast with Microsoft 365

Total economic impact of Mimecast - whitepaper from MimecastFree download

“The new Vulnerability Rewards Programme will allow the Government to further tap the global pool of cybersecurity talents to put our critical systems to the test, keeping citizens’ data secured to build a safe and secure Smart Nation.”

Currently, the programme will cover three systems, Singpass and Corppass (GovTech), Member e-services (Ministry of Manpower), and Workpass Integrated System 2 (Ministry of Manpower), with more critical ICT systems set to be added to the programme in the future.

The government said that only white hat hackers who have met strict criteria will be allowed to participate, as “these are systems that are critical to the delivery of essential government services”. The checks will be carried out by HackerOne and registered participants will carry out security testing through a VPN, which will also be provided by the bug bounty company.

Featured Resources

2022 State of the multi-cloud report

What are the biggest multi-cloud motivations for decision-makers, and what are the leading challenges

Free Download

The Total Economic Impact™ of IBM robotic process automation

Cost savings and business benefits enabled by robotic process automation

Free Download

Multi-cloud data integration for data leaders

A holistic data-fabric approach to multi-cloud integration

Free Download

MLOps and trustworthy AI for data leaders

A data fabric approach to MLOps and trustworthy AI

Free Download

Recommended

Japan considers creating new cyber defence agency as attacks ramp up in region
cyber attacks

Japan considers creating new cyber defence agency as attacks ramp up in region

24 Nov 2022
UK follows EU in securing data deal with South Korea
Policy & legislation

UK follows EU in securing data deal with South Korea

23 Nov 2022
Inside Singapore’s mission to infuse itself with technology
digital transformation

Inside Singapore’s mission to infuse itself with technology

23 Nov 2022
India’s new data protection bill continues to “facilitate state surveillance”
Policy & legislation

India’s new data protection bill continues to “facilitate state surveillance”

21 Nov 2022

Most Popular

The top 12 password-cracking techniques used by hackers
Security

The top 12 password-cracking techniques used by hackers

14 Nov 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

15 Nov 2022
Interpol arrests nearly 1,000 cyber criminals in months-long anti-fraud operation
cyber crime

Interpol arrests nearly 1,000 cyber criminals in months-long anti-fraud operation

25 Nov 2022