Bug Bounty Switzerland AG awarded program management contract

Swiss government announces upcoming launch of federal bug bounty program

Switzerland’s National Cyber Security Centre (NCSC) has announced it is launching a new bug bounty program for the federal government.

A pilot project conducted in 2021 saw a total of six IT systems of the Federal Department of Foreign Affairs, FDFA, and the Swiss parliamentary services scanned by ethical hackers for security vulnerabilities.

The project returned a total of 10 vulnerabilities, including one classified as critical, seven as medium and two as low.

As a result, the program was expanded to include other federal agencies under the leadership of the NCSC.

Upcoming launch

The new security rewards program, which is expected to launch this year, will be managed by Bug Bounty Switzerland AG, which confirmed today (August 3) that it has been awarded the government contract.

Sandro Nafzger, CEO and co-founder, told The Daily Swig: “We are very proud and honoured to work with the National Cyber Security Centre – it consists of some of the best cybersecurity experts we have in Switzerland.

“For us, the strategic partnership with the NCSC and the innovative collaboration with the federal administration is a key milestone in the implementation of our strategy to establish bug bounty programmes in Switzerland.”

Read more of the latest bug bounty news

The platform was the first to launch in Switzerland in 2021 and counts secure email provider Proton and University Hospital Switzerland among its customers.

Nafzger said: “The cooperation with ethical hackers is key to the success of Switzerland’s digital transformation and we see this realisation slowly happening in Switzerland.

“Collaborating with ethical hackers is more than just cybersecurity, it’s a whole mindset and cultural shift towards a transparent learning culture. Something the almost-perfect Switzerland doesn’t have yet in its core DNA.”

More information about the upcoming program can be found on the Swiss NCSC’s website.

YOU MAY ALSO LIKE Bug Bounty Radar // The latest bug bounty programs for August 2022