HackerOne, the number one hacker-powered pentesting and bug bounty platform, will be conducting its second bug bounty program with the Ministry of Defence, Singapore (MINDEF).
The three-week challenge will run from September 30, 2019 to October 21, 2019, and will bring together trusted hackers from around the world to test 11 government-owned targets, including websites and public digital systems belonging to MINDEF/Singapore Armed Forces (SAF) and other agencies in the defence sector.
Hackers will search these systems for security weaknesses so they can be safely resolved and therefore, enhance the safety and security of these systems. This year’s bug bounty challenge also has an added focus on personal data protection.
The first successful bug bounty challenge with MINDEF in 2018 resulted in 35 safely resolved security weaknesses. This latest initiative increases the number of invited hackers to 400 individuals, with 200 based locally in Singapore, doubling the local talent invited.
Throughout the challenge, hackers will have the opportunity to earn bounties — monetary awards for successful vulnerability findings — ranging from $150 to $10,000 based on the severity of the vulnerabilities discovered. Additional bounties will be awarded for the discovery of vulnerabilities that could result in the loss of personal data.
“We want to applaud MINDEF for being one of the first few government agencies to embrace such a forward-thinking approach to security,” said Fifi Handayani, MINDEF’s Program Manager at HackerOne. “MINDEF’s continued investment in hacker-powered security exemplifies the value governments and companies see from partnering with the hacker community to reduce risks.”
This challenge occurs against the backdrop of an evolution in the global perception of hackers, where everyone from government agencies to Fortune 500 companies is embracing the positive power of hacking for good. Policymakers across the globe are recommending hacker-powered security, with some even introducing legislation.
Government agencies like the European Commission and the U.S. Department of Defense are launching hacker-powered security programs resulting in 214% industry-wide growth on HackerOne. The Cyber Security Advisory Panel of the Monetary Authority of Singapore has also recommended financial institutions adopt bug bounty programs as part of their cyber testing.
According to HackerOne’s 2019 Hacker-Powered Security Report, organisations based in Singapore, including the National University of Singapore and GovTech, have awarded hackers more than $270,000 in bug bounties, the highest volume in the APAC region.
Earlier this year, HackerOne opened an office in Singapore to meet the growing demand for hacker-powered security solutions in the Asia Pacific region. This expansion has led to additional customer programs with government, enterprise and technology agencies including MINDEF, GovTech, National University of Singapore, Toyota, Nintendo and Grab.