The Ministry of Digital Development, Telecommunications and Mass Media of the Russian Federation (Mintsifry of Russia) announced the results of a project to search for vulnerabilities in Gosuslugakh. The project was launched in early February. As the press service notes, in three months the number of program participants exceeded 8.4 thousand people.
For successful work, participants receive a reward: gifts with project symbols for small bugs found, up to 1 million rubles for critical vulnerabilities. Based on the results of three months, the maximum payment amounted to 350 thousand rubles, the minimum – 10 thousand rubles. In total, 34 vulnerabilities were discovered, most of which are with medium and low levels of criticality.
Testing took place on the BI.ZONE Bug Bounty and Standoff 365 platforms. The Ministry of Digital Transformation noted: In the future, we plan to continue to carry out State Services bug bounties, as well as expand the program to other departments. Follow the announcements in the channel so as not to miss the launch of the next project.