Singapore Government to Launch Second Bug Bounty Initiative with HackerOne

Bug Bounty

HackerOne, the leading hacker-powered security platform, today announced it will partner the Government Technology Agency of Singapore (GovTech) and the Cyber Security Agency of Singapore (CSA), to work with local and overseas hackers on a government bug bounty initiative to further protect Singapore citizens and help secure public-facing government systems.

With cyber attacks growing in scale and complexity, the strategic bug bounty program is part of the Singapore Government’s ongoing commitment to build a secure and resilient Smart Nation by strengthening collaboration with the cybersecurity industry and community. GovTech is the agency driving Singapore’s public sector digital transformation.

Surfshark VPN

Following the success of a bug bounty program with the Singapore Ministry of Defence(MINDEF) earlier this year, this is HackerOne’s second bug bounty program with the Singapore Government. The bug bounty initiative will offer a select group of local bug bounty hackers a monetary reward, or bounty, for reporting valid vulnerabilities to GovTech so they can be safely resolved. Bug bounty programs are an industry best practice, implemented by public and private sector organizations across industries. The hacking challenge will run over a period of three weeks from December 2018 to January 2019 with the goal of finding security flaws in five public-facing government systems and websites.

By bringing together a community of cyber defenders who share the common goal of developing a safe and resilient cyberspace through the government bug bounty program, the Singapore Government aims to build a shared sense of collective ownership over the cybersecurity of Government systems and websites, which is vital to achieve the country’s Smart Nation goals.


HackerOne was appointed as it has the largest credentialled global ethical hacker community and proven results with MINDEF and other similar government organizations. GovTech Singapore joins government agencies like Singapore MINDEF, the U.S. Department of Defense, U.S. General Service Administration, and the European Commission who have selected HackerOne to leverage the global hacker community to surface vulnerabilities before they were exploited by criminals. Other organizations that have adopted the bug bounty model include leading companies like Google Play, Nintendo, General Motors, Starbucks, and others.

“Singapore is again setting an example for the rest of the world to follow by taking decisive steps towards securing their vital digital assets,” said Marten Mickos, CEO HackerOne. “Only governments that take cybersecurity seriously can reduce their risk of breach and interruption of digital systems. Singapore’s continued commitment to collaboration in cybersecurity is something that will help propel the industry’s progress just as much as it will contribute to protecting Singapore citizen and resident data.”