HackerOne, GovTech and CSA to push through second bug bounty programme

The first leg of the programme reported 26 valid vulnerabilities in the government’s systems.

HackerOne, Singapore’s Government Technology Agency (GovTech) and Cyber Security Agency of Singapore (CSA) announced that they will launch the second Government Bug Bounty Programme (GBBP), following the said success of the first one.

During the first GBBP that ran from 27 December 2018 to 16 January 2019, 400 hackers were able to to test five internet-facing government systems. 26 valid vulnerabilities were reported through the GBBP on HackerOne, seven were considered low severity, 18 were medium severity, and one was high severity.

Hackers have earned a total of $15,924.78 (US$11,750) for the reported vulnerabilities.

GBBP is part of the government’s ongoing initiative to improve the security of its cyberspace.