YesWeHack, the leading global Bug Bounty and Vulnerability Management Platform, has completed its first year as the appointed partner for Singapore’s Government Bug Bounty Programmes (GBBP). This collaboration with the Government Technology Agency of Singapore has reinforced the nation’s cyber defences through the power of crowdsourced security testing.
Over the past year, YesWeHack supported four GBBP runs, drawing on its global community of more than 100,000 cybersecurity researchers and providing locally based triage support. More than 20 government agencies opened their systems to scrutiny, with each run engaging around 250 researchers. Collectively, researchers received over US$250,000 in bounty rewards for valid vulnerabilities discovered.
“Singapore is running some of the most mature and extensive Bug Bounty Programs globally. The willingness to engage openly with the cybersecurity community and the speed in addressing findings reflects a proactive approach that sets the standard for how organisations in both public and private sectors can strengthen resilience”, noted Kevin Gallerin, APAC CEO of YesWeHack.
“The strength of these programs comes from the diversity and expertise of the cybersecurity community. External researchers bring fresh eyes and unique perspectives, helping uncover risks in critical systems that might otherwise go unnoticed. We invite anyone with either an emerging interest or developed expertise in cybersecurity to take part and contribute their skills for good”, he added.
The next run of the GBBP is scheduled for 24 November – 7 December 2025, signalling Singapore’s continued commitment to working with the global cybersecurity community to strengthen and safeguard its government ICT systems and digital services.
Bug Bounty Program (BBP)
A BBP invites thoroughly vetted ethical hackers to test specific systems for vulnerabilities and earn monetary rewards for their validated findings, with bounties tiered according to severity. This motivates hunters to be patient, persistent and in-depth with their investigations, surfacing critical vulnerabilities missed by pentests and security tools. Those vulnerabilities, if exploited maliciously, could have severe repercussions.
YesWeHack Expertise
YesWeHack’s large and growing community of security researchers brings a wealth of experience and diverse perspectives, addressing security challenges from multiple angles. It also offers structural flexibility in programs, allowing targeted sprints and adjusting the scope of testing as needed. This adaptability maximises the efficiency and effectiveness of each bug bounty cycle, significantly reinforcing digital resilience.
About YesWeHack
YesWeHack is a global bug bounty & vulnerability management platform that connects companies and governments with ethical hackers from over 170 countries to keep their systems secure. With a mission to make the digital space safer for everyone, YesWeHack helps organisations uncover and fix vulnerabilities before they become real threats. The platform encourages responsible vulnerability disclosure and offers flexible, tailored programs to suit different security needs. Trusted by clients across industries, YesWeHack brings together a community of skilled researchers to protect digital infrastructures and strengthen cybersecurity worldwide.
Singapore PR Contact: YesWeHack@litmuspr.com.sg
Global PR Contact: press@yeswehack.com
