Secuna offers free services to help government agencies and SMBs boost cybersecurity

In response to the increase in cybersecurity threats in the Philippines, Secuna, the first and only outsourced cybersecurity testing platform in the country, is offering its community of security researchers to provide free bug bounties and programs disclosure tools to help government agencies and private organizations. improve their security capabilities.

“Governments and non-governmental organizations can run Vulnerability Disclosure Programs (VDPs) free of charge through the Secuna platform. They can also run Bug Bounty Programs (BBP) for free, without a subscription to the platform, if they want to incentivize security researchers to report a valid bug,” said AJ Dumanhug, CEO of Secuna.

A VDP is a structured method for third parties, researchers, and ethical hackers to easily report vulnerabilities.

The program provides a simple method to communicate results and show clients and investors that they take security seriously.

This gives organizations the opportunity to develop a fix and disclose the issue once a solution is ready. This approach follows the ISO/IEC 29147:2014 international standard for vulnerability disclosure.

Ethical hackers reveal vulnerabilities for VDP and Bounty programs.

The main difference is that bug bounty programs include rewards or incentives to encourage cybersecurity professionals with a wide range of skills and experience to research, identify, and report potential vulnerabilities.

In BBP, no money changes hands until the vulnerability is validated and found to meet the conditions specified on the program’s policy page, and payment is based on the severity of the reported vulnerability.

Bug bounty programs can be open or private.

Although bug bounty and vulnerability disclosure programs are already standard security procedures in the private sector, much more needs to be done to strengthen the country’s defenses against the proliferation of malicious cyberattacks and data breaches that could lead to national risks.

Secuna’s website describes its wide range of features and provides guides and other resources for getting the most out of these free cybersecurity tools. Secuna encourages government agencies and SMBs to contact them to assess and help them implement cybersecurity best practices.

“They only need to put a policy in place on our platform that contains rules, a target list, and a list of acceptable vulnerabilities. Then, they will launch their VDP or BBP so that our platform’s research community can start looking for vulnerabilities and report them accordingly. These are free trial services with no limits,” said Dumanhug.


Six years after the launch of the country’s cybersecurity framework, the country remains at Level 1, which means “no standardized process is in place”, in terms of awareness and communication, as well as skills and cybersecurity expertise.

Additionally, the COVID-19 pandemic has helped increase reliance on digital channels, and it has also attracted bad actors as online scams have increased.

Last year alone, the Philippines ranked fourth in Kaspersky’s global ranking of countries most targeted by web threats.

Dumanhug warned that cyberattacks are expected to become more complex in a few years.

“We need to act quickly by putting in place programs that are already available to us. Cyber ​​attackers are now using new technologies like artificial intelligence, which is why private organizations, SMEs and national government should also leverage the technologies we have to keep pace with attackers,” he noted.

Ashley C. Reynolds