The Ministry of Defence (MINDEF) of Singapore launches its next Bug Bounty Programme with YesWeHack, the crowdsourced security and vulnerability management platform.
Running from 25 October to 2 November 2025, this time-limited engagement will invite vetted security researchers worldwide to test internet-facing systems and websites belonging to MINDEF.
Researchers will operate within a defined scope and follow clear rules of engagement to ensure systems are hardened in line with MINDEF’s security goals, without disrupting services or compromising data privacy.
Strengthening Cyber Resilience through Collaboration
This initiative reinforces MINDEF’s continued commitment to enhancing cyber resilience through collaboration with the international security community. By partnering with YesWeHack’s global network of security researchers, MINDEF aims to complement the work of internal security teams and uncover vulnerabilities before they can be exploited.
About YesWeHack
YesWeHack is a leading Bug Bounty and Vulnerability Management Platform. Founded by ethical hackers in 2015, YesWeHack connects organisations worldwide with more than 100,000 ethical hackers who uncover vulnerabilities in websites, mobile apps, connected devices and digital infrastructure.
The YesWeHack platform offers a range of integrated, API-based solutions: Bug Bounty (crowdsourcing vulnerability discovery); Vulnerability Disclosure Policy (creating and managing a secure channel for external vulnerability reporting); Pentest Management (managing pentest reports from all sources); Attack Surface Management (continuously mapping online exposure and detecting attack vectors); and ‘Dojo’ (ethical hacking training).
YesWeHack complies with strict security, financial traceability and privacy requirements. YesWeHack’s services are ISO 27001- and ISO 27017-certified and accredited by CREST. YesWeHack’s infrastructure uses EU-based, GDPR-compliant private hosting that meets the most stringent standards: ISO 27001, ISO 27017, ISO 27018, ISO 27701 and SOC II Type 2. The YesWeHack platform is also permanently subject to a public Bug Bounty Program.
