NextGen Day

26 May 2022, Philippines – In response to the rising cybersecurity threats in the Philippines, Secuna, the first and the only crowdsourced cybersecurity testing platform in the country, is offering its community of security researchers to provide free bug bounty and vulnerability disclosure programs to help the government agencies and private organizations better their security capabilities.

“Governments and non-governmental organizations can run vulnerability disclosure programs (VDP) through the Secuna platform for free. They can also run bug bounty programs (BBP) for free, with no platform subscription, if they want to incentivize security researchers for reporting a valid bug,” said AJ Dumanhug, CEO of Secuna.

A VDP is a structured method for third parties, researchers, and ethical hackers to report vulnerabilities easily. The program provides a straightforward method to communicate findings and to show customers and investors that they take security seriously. It gives organizations a chance to develop a patch and disclose the issue once a solution is ready. This approach follows the international standard ISO/IEC 29147:2014 for vulnerability disclosure.

Ethical hackers disclose vulnerabilities for both VDP and bounty programs. The key difference is that bug bounty programs include rewards or incentives to encourage cybersecurity professionals with a wide range of skill sets and experiences to find, identify, and report potential vulnerabilities.

In BBP, no money changes hands until the vulnerability is validated and determined to be compliant with the terms specified on the policy page of the program, and the payout is based on the severity of the reported vulnerability. Bug bounty programs can either be open or private.

While bug bounty and vulnerability disclosure programs are already standard security procedures in the private sector, there’s still much work to be done to strengthen the country’s defenses against the proliferation of malicious cyber-attacks and data breaches that could lead to national risks.

The website of Secuna outlines the broad set of its features and provides guides and other resources for putting these free cybersecurity tools to best use. Secuna encourages government agencies and SMEs to contact them to assess and help them implement the best cybersecurity practices.

“They only need to set up a policy on our platform which contains rules, a target list, and a list of acceptable vulnerabilities. Then they will launch their VDP or BBP so that the vetted community of researchers in our platform can start looking for vulnerabilities and report them accordingly. These are free trial services and have no limits,” said Dumanhug.

AMPLIFYING CYBERSECURITY AWARENESS AND READINESS

Six years after the country’s cybersecurity framework was launched, the country remains at Level 1, meaning “no standardized processes are in place”, in terms of awareness and communication, and cybersecurity skills and expertise. 

Moreover, the COVID-19 pandemic has aided in increasing reliance on digital channels, and it has also attracted bad actors as online scams have increased.

Just last year, the Philippines ranked fourth in Kaspersky’s global ranking of countries most targeted by web threats. 

Dumanhug warned that cyberattacks are expected to become more complex in a few years.

“We have to act quickly by implementing programs that are already available to us. Cyber attackers are now using new technologies like artificial intelligence that’s why private organizations, SMEs, and the National Government should also take advantage of the technologies we have to keep up with the attackers,” he noted.

#

About Secuna

Secuna is the first and only crowdsourced cybersecurity testing platform in the Philippines that has a community of hundreds of the world’s most advanced and highly-vetted cybersecurity professionals and ethical hackers. The company offers Managed Service that helps in setting-up ISO-compliant Security Vulnerability Disclosure Program and Bug Bounty Program to receive and act on vulnerabilities discovered by cybersecurity professionals. Secuna also offers Compliance Service, a comprehensive ISO-compliant Vulnerability Assessment and Penetration Testing (VAPT). This service is tailored-fit for apps/websites that have never been tested for cybersecurity flaws or businesses with requirements of Third-Party Assessment reports from government agencies.

Some of Secuna’s notable clients are Dashlabs, QuadX, UBx, Kumu, Paymongo, and Palawan Express. 

The company has been striving to be at the forefront of cybersecurity in the Philippines. Since our inception in 2017, it has been committed to helping companies, organizations, and even the government secure their digital assets.

SECUNA is the combination of SEC (short for “security”) and UNA (Filipino word for “first”).

For more information, visit https://www.secuna.io/.

Save/Share this story with QR CODE

---

Disclaimer

This article is for informational purposes only and does not constitute endorsement of any specific technologies or methodologies and financial advice or endorsement of any specific products or services.

Need to get in touch?

Feel free to Contact NextGenDay.com for comments, suggestions, reviews, or anything else.

---

We appreciate your reading. Simple Ways To Say Thanks & Support Us:
1.) GIVE A TIP. Send a small donation thru Paypal
Your DONATION will be used to fund and maintain NEXTGENDAY.com
Subscribers in the Philippines can make donations to mobile number 0917 906 3081, thru GCash.
3.) BUY or SIGN UP to our AFFILIATE PARTNERS.
4.) Give this news article a THUMBS UP, and Leave a Comment (at Least Five Words).

---

AFFILIATE PARTNERS

World Class Nutritional Supplements - Buy Highest Quality Products, Purest Most Healthy Ingredients, Direct to your Door! Up to 90% OFF.
Join LiveGood Today - A company created to satisfy the world's most demanding leaders and entrepreneurs, with the best compensation plan today.

---