dotlah! dotlah!
  • Cities
  • Technology
  • Business
  • Politics
  • Society
  • Science
  • About
Social Links
  • zedreviews.com
  • citi.io
  • aster.cloud
  • liwaiwai.com
  • guzz.co.uk
  • atinatin.com
0 Likes
0 Followers
0 Subscribers
dotlah!
  • Cities
  • Technology
  • Business
  • Politics
  • Society
  • Science
  • About
  • Lah!
  • Technology

New Vulnerability Rewards Programme To Test Resilience Of Critical Government Systems

  • September 3, 2021
Total
0
Shares
0
0
0

The Government Technology Agency (GovTech) has launched a new Vulnerability Rewards Programme (VRP) to augment the existing Government Bug Bounty Programme (GBBP) and Vulnerability Disclosure Programme (VDP). Together, the three crowdsourced vulnerability discovery programmes[1] supplement GovTech’s suite of cybersecurity capabilities[2] to safeguard the Government’s Infocomm Technology and Smart Systems (ICT&SS).

The three crowdsourced vulnerability discovery programmes offer a blend of continuous reporting and seasonal in-depth testing capabilities that taps the larger community, in addition to routine penetration testing conducted by the Government. While members of the public can report suspected vulnerabilities on all Internet-facing systems through the VDP, the GBBP and VRP are only open to ‘white hat’ hackers – or ethical hackers – for testing due to the higher-value systems involved. The seasonal GBBP focuses on selected systems in each iteration, whereas the new VRP aims to continuously test a wider range of critical ICT systems necessary for the continuous delivery of essential services in our digital economy.

The VRP offers monetary rewards ranging from US$250 to US$5,000 to white hat hackers, depending on the severity of the vulnerabilities discovered. A special bounty of up to US$150,000 will be awarded for the discovery of vulnerabilities that could cause exceptional[3] impact on selected systems and data. The special bounty is benchmarked against crowdsourced vulnerability programmes conducted by global technology firms such as Google and Microsoft[4]. This signals the Singapore Government’s commitment to secure critical ICT systems and sensitive personal data.

The programme will first cover three systems: Singpass and Corppass (GovTech); Member e-Services (Ministry of Manpower – Central Provident Fund Board); and Workpass Integrated System 2 (Ministry of Manpower). More critical ICT systems will be progressively added to the programme.

As these are systems that are critical to the delivery of essential digital government services, only white hat hackers who have met the strict criteria will be allowed to participate. These checks will be conducted by the appointed bug bounty company, HackerOne. Registered participants will conduct security testing through a designated virtual private network (VPN) gateway provided by HackerOne. This is to ensure that the security testing activities are within the permitted Rules of Engagement (ROE). If participants breach the ROE, their VPN access may be revoked to minimise potential disruptions to the integrity of the government systems.

Ms Lim Bee Kwan, Assistant Chief Executive for Governance and Cybersecurity, GovTech, said, “Since the launch of our first crowdsourced vulnerability discovery programme in 2018, we have partnered with over 1,000 highly skilled white hat hackers to discover about 500 valid vulnerabilities. The new Vulnerability Rewards Programme will allow the Government to further tap the global pool of cybersecurity talents to put our critical systems to the test, keeping citizens’ data secured to build a safe and secure Smart Nation.”


[1] Please refer to the factsheet on Government Crowdsourced Vulnerability Discovery Programmes.
[2] These include threat modelling, secure architecture implementation, secure coding, penetration testing and security monitoring of systems, amongst others.
[3] Selected systems under VRP have categories outlining the consequences that qualify as Exceptional Impact. The categories will apply only to the respective systems and white hat hackers will be informed of the categories after they have successfully registered.
[4] https://security.googleblog.com/2021/02/vulnerability-reward-program-2020-year.html, https://www.microsoft.com/en-us/msrc/bounty, https://msrc-blog.microsoft.com/2020/08/04/microsoft-bug-bounty-programs-year-in-review/


Related Resources

  • Factsheet on Government Crowdsourced Vulnerability Discovery Programmes (Updated Aug 2021)

ISSUED BY THE GOVERNMENT TECHNOLOGY AGENCY


About Government Technology Agency

The Government Technology Agency (GovTech) is the lead agency driving Singapore’s Smart Nation initiative and public sector digital transformation. As the Centre of Excellence for Infocomm Technology and Smart Systems (ICT & SS), GovTech develops the Singapore Government’s capabilities in Data Science & Artificial Intelligence, Application Development, Sensors & IoT, Digital Infrastructure, and Cybersecurity.

GovTech supports public agencies to manage enterprise IT operations and develop new digital products for citizens and businesses. GovTech is the public sector lead for cybersecurity, and oversees key government ICT infrastructure, as well as regulates ICT procurement, data protection and security in the public sector. GovTech is a Statutory Board under the Smart Nation and Digital Government Group (SNDGG) in the Prime Minister’s Office.

For more information, please visit www.tech.gov.sg.


For media clarifications, please contact:

Serene Chan (Ms)
Communications and Marketing Group
Government Technology Agency
Tel: 9729 9392
Email: Serene_CHAN@tech.gov.sg

Leonard Lui (Mr)
Communications and Marketing Group
Government Technology Agency
Tel: 9673 8285
Email: Leonard_LUI@tech.gov.sg

Total
0
Shares
Share
Tweet
Share
Share
Related Topics
  • Government Technology Agency
  • GovTech
  • VRP
  • Vulnerability Rewards Programme
dotlah.com

Previous Article
  • Science
  • Technology

Singapore Scientists Dissect RNA Structures Of SARS-COV-2 And Discover Important Host Factor For Infection

  • September 3, 2021
View Post
Next Article
  • Lah!
  • Society
  • Technology

SG Women In Tech Corporate Pledge Initiative

  • September 3, 2021
View Post
You May Also Like
View Post
  • Artificial Intelligence
  • Technology

Thoughts on America’s AI Action Plan

  • Dean Marc
  • July 24, 2025
View Post
  • Technology

ESWIN Computing launches the EBC77 Series Single Board Computer with Ubuntu

  • dotlah.com
  • July 17, 2025
View Post
  • Gears
  • Technology

Samsung Galaxy Z Fold7: Raising the Bar for Smartphones

  • Dean Marc
  • July 9, 2025
View Post
  • Cities
  • Technology

Meralco PowerGen’s PacificLight starts up 100 MW fast-response plant in Singapore

  • dotlah.com
  • June 20, 2025
View Post
  • Technology

Apple services deliver powerful features and intelligent updates to users this autumn

  • Dean Marc
  • June 12, 2025
View Post
  • Artificial Intelligence
  • Machine Learning
  • Technology

Apple supercharges its tools and technologies for developers to foster creativity, innovation, and design

  • Dean Marc
  • June 11, 2025
View Post
  • Technology
  • Working Life

It’s time to stop debating whether AI is genuinely intelligent and focus on making it work for society

  • dotlah.com
  • June 8, 2025
oracle-ibm
View Post
  • Artificial Intelligence
  • Technology

IBM and Oracle Expand Partnership to Advance Agentic AI and Hybrid Cloud

  • Dean Marc
  • May 6, 2025


Trending
  • 1
    New Trump tariffs: early modelling shows most economies lose – the US more than many
    • August 6, 2025
  • Scuba Diving 2
    Wetsuit or Drysuit? As always, it depends. This quick guide can help you choose.
    • August 2, 2025
  • 3
    Thoughts on America’s AI Action Plan
    • July 24, 2025
  • 4
    Introducing Surface Laptop 5G: Seamless connectivity, built for business
    • July 23, 2025
  • 5
    Press Start (Or Hit Enter)! Your Go-To Loadout for Streamers and Gamers.
    • July 19, 2025
  • 6
    ESWIN Computing launches the EBC77 Series Single Board Computer with Ubuntu
    • July 17, 2025
  • 7
    Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
    • July 9, 2025
  • Camping 8
    The Summer Adventures : Camping Essentials
    • June 28, 2025
  • 9
    Meralco PowerGen’s PacificLight starts up 100 MW fast-response plant in Singapore
    • June 20, 2025
  • 10
    A Father’s Day Gift for Every Pop and Papa
    • June 14, 2025
Trending
  • cities-with-the-fastest-5g-download-speeds-globally-24771 1
    • Cities
    • Technology
    The Cities With The Fastest 5G Speeds
    • May 1, 2021
  • 2
    • Lah!
    Project Ubin’s Fifth And Final Phase Highlights Commercial Potential, Paving Way Towards Live Adoption
    • July 15, 2020
  • 3
    • Science
    • Society
    A Plasma Reactor Zaps Airborne Viruses – And Could Help Slow The Spread Of Infectious Diseases
    • February 7, 2020
  • physical_activity_mental_health_1600 4
    • People
    The Pandemic Has People Stuck In A Bad Mental/Physical Loop
    • September 24, 2021
  • 5
    • People
    • Technology
    Space Exploration Is Still The Brightest Hope-Bringer We Have
    • May 27, 2020
  • 6
    • Technology
    UOB Asset Management Sees Surge In Online Corporate Investing As Companies, Especially SMEs, Reap The Benefits Of Digitalisation
    • July 15, 2021
  • 7
    • Technology
    M1 And SGInnovate To Help Start-ups Adopt 5G Technology Through New Collaboration
    • May 21, 2020
  • 8
    • Lah!
    Sembcorp To Collaborate On Development Of The UK’s First Net Zero Emissions Power Plant – Whitetail Clean Energy
    • July 15, 2021
  • 9
    • Lah!
    • Society
    FairPrice Food For Good Community Fridge Provides Low-Income Families With Free Food
    • September 24, 2021
  • 10
    • Lah!
    5 RSAF Things You Should Not Miss At #NDP2019
    • August 6, 2019
  • 11
    • Technology
    Singapore Technology Companies Find New Opportunities And Strengthen Partnerships At Smart China Expo 2019
    • August 27, 2019
  • 12
    • Technology
    Singles’ Day Deals: Best Messenger Bags On AliExpress
    • November 10, 2019
Social Links
dotlah! dotlah!
  • Cities
  • Technology
  • Business
  • Politics
  • Society
  • Science
  • About
Connecting Dots Across Asia's Tech and Urban Landscape

Input your search keywords and press Enter.