Security thanks to a structured reporting process with your free GOvdp

The latest news from GObugfree

Thoughts on cyber security, product announcements and news


How bug bounty programs enhance security in the financial sector

Unique, a pioneer in developing generative AI solutions for the financial sector, skillfully navigates between rapid development and the stringent compliance and security requirements of its highly regulated and risk-averse clients. How does a bug bounty program fit into this scenario?



The SNSF’s strategy for protecting sensitive data with bug bounties

The Swiss National Science Foundation (SNSF) not only funds thousands of research projects across all scientific disciplines but also leads the way in securing sensitive data. Chief Information Security Officer Anton Brunner explains how the SNSF’s bug bounty program enhances the cybersecurity of its portals and makes a crucial contribution to data security.



Cyber resilience workshop in the heart of Switzerland

A unique workshop on cyber resilience, organised by the Cyber Resilience Alliance was recently held in ‘The Room’ at Zibris. The event was aimed at individuals who are responsible for cybersecurity or would like to delve deeper into these topics, such as management, executive management and board members. The aim was to bring the topic of cyber security closer, break down barriers and create awareness. GObugfree, as part of the cyber resilience alliance, was involved in the event.



ZKB Explores Bug Bounty Program with GOHack Challenge

Trust is a core value of Zürcher Kantonalbank (ZKB), and cybersecurity plays a crucial role in upholding it. Sarah Plocher, Security Analyst at ZKB, explains how the bank, in collaboration with GObugfree, explored the potential of a bug-bounty program through the GOHack Challenge. The goal of this exploration was to evaluate the necessary preparations and internal processes for a potential implementation, thereby strengthening the bank's security measures and proactively addressing vulnerabilities.



Vulnerability Disclosure Programs: For the secure reporting of vulnerabilities

Vulnerability Disclosure Programs (VDPs) play a significant role in improving cybersecurity by enabling third parties to securely report vulnerabilities. GObugfrees' free tool, GOvdp, makes it easy for organizations to efficiently implement and manage their own VDPs, allowing them to benefit from findings made by external parties.


GBF-Blog-cyber resilience live.png

Hands-on workshop: Cyber Resilience live

Experience first-hand how cyber attacks happen and strengthen your own cyber resilience. Save your place now for the hands-on workshop on June 5!



GOLearn - Securing Trust: Ethical hacking & background checks explained

Learn how ethical hacking and comprehensive background checks can serve as critical protections for your organisation amid growing cyber threats.



Bridging security and innovation: GObugfree's free VDP fosters secure collaboration between ethical hackers and companies

GObugfree leads the way in Switzerland as the first to provide a free Vulnerability Disclosure Program (VDP). This program establishes a secure communication channel between businesses and ethical hackers, encouraging a more accountable handling of security vulnerabilities.


GBF_Blog-ZKB-Online Challenge-EN.png.png

ZKB Challenge

Join the ZKB challenge from April 30 - May 10, 2024. Help secure Zürcher Kantonalbank's Federated Identity Management application. There's a total bounty pool of CHF 15'000 waiting to be claimed - valid critical findings will be rewarded with CHF 2'000.



Why bug bounty programs and pentests go hand in hand

In the world of cyber security, it is essential to proactively identify and fix vulnerabilities in IT systems. Two effective methods that complement each other are bug bounty programs and pentests. This article highlights the benefits of both approaches and provides guidance on how to set up an effective bug bounty program for your company.



GOLearn - Empowering Enterprise Security Risk Management

Join our panel discussion on April 16 at 15:30 CET to learn how managing security risks as a whole, known as Enterprise Security Risk Management (ESRM), can break down barriers and strengthen your organization. Hear from experts about the crucial steps for integrating security efforts across all areas, transforming a holistic approach into real, tangible strength. We'll cover important topics like overcoming isolated security efforts, fostering a culture that supports collaboration, and the essential skills needed for effective ESRM.



Harnessing collective wisdom: GObugfree embraces Co-CEO leadership

With the appointment of Christina Kistler and Marcel Eyer as Co-CEOs, GObugfree underlines its commitment to diversity and innovation. This appointment marks a significant milestone for GObugfree, the premier Swiss platform for crowd-sourced vulnerability management, reinforcing our pledge to advance ethical hacking and enhance cybersecurity accessibility, with a special focus on safeguarding SMEs across the DACH region.



The magic of crowdsourced security:'s bug bounty story

How does a Swiss telecom provider with a small IT team stay ahead of growing cybersecurity threats? Jean-Blaise Rey, Head of Applications at netplus, shares insights into how embracing bug bounty programs and the collective insight of ethical hackers is enhancing their defense strategy, contributing to the ongoing security of their network and maintaining the trust of their customers.



How Maestrani strengthens its cybersecurity with the help of ethical hackers

In an era where cyber threats are a daily concern, Maestrani has taken a crucial step to enhance its IT security: employing ethical hackers. Through a Community Bugtest, external specialists provide invaluable insights that contribute to the evolution of Maestrani's security strategy. Thomas Leitner, a member of the executive team, shares insights into the significance of this process for the company.



Cyber risks: An unavoidable challenge in 2024

In 2024, cyber risks are once again in the spotlight - in the top 5 global risks in the World Economic Forum report and the number one business risk in the Allianz Risk Barometer. Find out how these risks affect businesses, governments and individuals and what trends will drive cyber activity in 2024.



2023 Year in review

New customers, partnerships, participation in various events and our first GOHack: GObugfree can look back on an eventful year. We would like to thank our customers, partners, investors and employees for their support and trust and look forward to an exciting 2024 and continuing to accompany our customers on their GO-bugfree journey.



Networking and collaboration: Key to cyber security

In the ever-evolving landscape of cybersecurity, it is becoming increasingly important to act collectively and collaboratively. Ralph Hutter, Head Ecosystems & Partnerships at Finnova, explains in the latest GOTalk how companies can succeed and collaborate effectively in the fast-paced cyber ecosystem.



GOHack23: A first in the world of cybersecurity

From November 30 to December 2, 2023, GOHack23, a joint initiative of GObugfree and the Fernfachhochschule Schweiz (FFHS), took place in Zurich. This unique event combined a symposium, bug hunting and education track and brought together a diverse group of participants. Professionals, enthusiasts and newcomers alike came together on this comprehensive platform for sharing and learning about cybersecurity and ethical hacking.



Hack for good

The term "friendly hacker" takes on a new meaning thanks to the joint commitment of GObugfree and RaiseNow. As part of GOHack23, friendly hackers will try to hack the systems of the non-profit start-up RaiseNow. Half of the bounties will be donated to Caritas Switzerland for charitable purposes, true to the motto: Hack for good.



Human-Centered Security: People at the Core of Cybersecurity

Human-centered security is key in cybersecurity. Peter Kosel, cyberunity tells how knowing your talents can transform recruitment and protect your business



Passion for Hacking: Learning, Teaching, and Relentless Curiosity

Sophus Siegenthaler's journey in the realm of cybersecurity is a testament to following one's passion and the power of relentless self-learning. With over two decades in the industry, he has witnessed its evolution from the early days of IT to the complex cybersecurity landscape of today. Beyond his personal endeavors, Sophus is keen on sharing his wealth of knowledge with the next generation . At GOHack23, Sophus will be leading a Hacking 101 session and CTF challenge, offering participants a unique opportunity to dive into the world of bug bounty hunting.



An Unexpected Journey into Cybersecurity

Michael Meli, Group CISO at Julius Bär, discusses his intriguing journey, the unique challenges in the financial sector, and shares invaluable insights for those looking to move into the field of cybersecurity. Meet Michael at GOHack23, he'll be speaking in the EDU Track on December 1.



Collaboration between Aequivalent and GObugfree: Emphasizing data protection

In a world where data security is a top priority, GObugfree and Aequivalent are working together to make it even stronger. GObugfree has set up a tailored Vulnerability Disclosure Program (VDP) for Aequivalent. On request, Aequivalent offer additional background checks for select friendly hackers on GObugfree's platform. Through this partnership, they ensure that sensitive information receives an extra layer of protection.



Behind the Scenes: The Dual Role of Hacking and Defense

Antoine Neuenschwander heads up the Bug Bounty Program and serves as a Security Incident Responder at Swisscom. With over 15 years in the cybersecurity realm spanning various roles—from software development to IT security operations and penetration testing—he's deeply rooted in the industry. Outside of work, he wears the hat of an ethical hacker. Catch him at GOHack23 to delve into his wealth of experiences and find out how to get started in cybersecurity.



Bug bounty programs: A three-way view of cybersecurity in the financial sector

Each year, experts from financial institutions gather at the "Secure E-Banking" event to share insights. This year, the focus was on the rapidly growing trend of bug-bounty programs in Switzerland and Europe. Oliver Hirschi, founder of "E-Banking - Safely!", recognized the importance of this topic and highlighted it at the event.



GOHack23 Interview with Florian Muff BDO

As part of the existing partnership with GObugfree, BDO Switzerland supports GOHack23 as a main partner. Learn more about the importance of cybersecurity at BDO in the interview with Florian Muff, Manager Forensic Technology / Cyber Security. Get to know Florian better at GOHack23, where he will share his experiences in the EDU track.




In an increasingly digitalized world, cybersecurity is crucial. At the GOHack23 Symposium Cyber Future, we'll discuss the meeting point of artificial intelligence and human insight, and explore the evolving educational landscape of tomorrow.



Spotlight on cybersecurity: a recap of the August 2023 Inside IT event

As one of the main sponsors of the Inside-IT event on the topic of 'Cybersecurity of and in Switzerland', we take stock: What are the most pressing issues, and how do we as a society create trust in the digital world?



GBF-BDO lunch event series

BDO Switzerland and GObugfree are working together to protect Swiss SMEs from cyber attacks. To this end, a joint event series on the topic of cyber security is being launched at various locations in Switzerland.



GOHack23: GObugfree and the Swiss Distance University of Applied Sciences team up to power cybersecurity in Switzerland

GObugfree and the Swiss Distance University of Applied Sciences (FFHS) are proud to announce GOHack23, a unique cybersecurity event bringing together a symposium, live bug bounty hunting, and education. The event will kick off on November 30 and will run through December 2, 2023. The Swiss Army is supporting the event as a partner.



Between rolling green pastures and digital innovations: A review of DCONO 2023

The scenic community of Gais, a place where cows are an expected sight but where innovation might come as a surprise, was home to the inaugural Digital Conference Ostschweiz (DCONO). This event presented an intriguing blend of traditional charm and digital modernity, a fusion our team from GObugfree AG was delighted to be a part of.



Cybersecurity Insights: GObugfree at DCONO 2023

Dive into the world of cybersecurity with us. At the DigitalConferenceOstschweiz (DCONO) on 15.6.2023, we will present a live hack and share valuable insights into cyber protection.



GO Learn - Navigating the cyber threat landscape

GOLearn! In a series of interactive webinars, experts share tips and insights on current cyber security issues. Thie session with Jörg Schauff is on Navigating the cyber threat landscape: Actionable Insights for your business



Helvetia and GObugfree support SMEs in preventing cyberattacks

Helvetia Insurance sets new standards in supporting its business customers in the field of cybersecurity. In a pioneering step for the Swiss insurance sector, Helvetia collaborates with bug bounty provider GObugfree to help their (SME) corporate customers identify and close security gaps effectively.



Jumpstart your cybersecurity with a bug bounty starter program

When your company is suddenly targeted by cybercriminals, what’s your next move? Thomas Wagner from Wato-Soft shares his experience: "Although the attack on our data center was ultimately unsuccessful, it highlighted the urgent need for robust cybersecurity. It was clear to us – we needed to strengthen our cybersecurity measures."



Hands-on training for tomorrow's security specialists

As part of a bug bounty education program with GObugfree (EDU program), students at the Fernfachhochschule Schweiz (FFHS) hack their own university and gain first experiences as bug bounty hunters. With this educational initiative, GObugfree and FFHS want to attract more talent to the field of cyber security and develop the next generation of security specialists.



Ethical Hacker: Job of tomorrow

Zurich-based bug bounty provider GObugfree launches Switzerland's first bug bounty education program for ethical hacking at colleges and universities. For the past 10 months, the FHNW University of Applied Sciences Northwestern Switzerland has integrated the program into its educational offerings. The FFHS, Switzerland's leading distance learning university, now also partners with GObugfree in education.



How Adnovum makes its software even more secure

When you have customers with high security requirements, you need to meet the highest security standards. With the help of Friendly Hackers, Adnovum subjects its software to additional testing.



Beating cyber criminals at their own game

In nature, healthy ecosystems are essential for survival. This also applies in business. Especially when it comes to complex issues like cybercrime. GObugfree and fidentity, two Swiss companies, are building the foundation for a strong ecosystem against cyber attacks.



Why cybersecurity needs to be part of your business strategy

Thierry Kneissler is a consultant, investor, lecturer, strategy champion, as well as co-founder and ex-CEO of TWINT. The Bernese family man worked for years in the traditional finance sector before moving into the fintech industry in 2014 with the founding of TWINT. Today, Thierry supports various companies and startups with his experience and knowledge, as an independent board member and advisor.



GO Learn - Multi-Cloud = Multi-Risk?

GOLearn! In a series of interactive webinars, experts share tips and insights on current cyber security issues. First up: Lacework CISO Andy Schneider on Multi-Cloud security.



Cyber threats: Opportunities for Innovation & IT

At the February 2, 2023 FFHS Business Breakfast, Anna Mempel, COO at Securnite; Rolf Wagner, COO at GObugfree; and Nicolas Mayencourt, CEO at Dreamlab Technologies discussed the growing threat of cyber attacks, why Switzerland isn't doing enough to protect itself, and how we can create more awareness to combat cybercrime.



Increase your resiliency against account takeover

What can you do to increase the resilience of your online accounts This article provides actionable recommendations to make your accounts less attractive for most types of scams.



GObugfree appoints experienced cyber expert Gerhard Beeker to grow the DACH market

Gerhard Beeker, season cyber expert, strengthens the GObugfree team as Senior Business Development Manager DACH to grow the DACH market.



Why SMEs should get to grips with the new data protection law sooner rather than later

On September 1, 2023, the revised Data Protection Act will come into force. In the future, violations of key issues will be subject to penalties of up to CHF 250,000. These fines will be against individual decision-makers in the company, not against the company itself. Lukas Bühlmann, Co-Head Digital, Data Privacy & E-Commerce at MLL Legal, advises companies to address their processes and security measures early on and to integrate appropriate activities into their existing security concepts. To this end, a bug bounty program and pentesting can be helpful.



2022 Year in Review

New public bug bounty programs, additions to the team, an Advisory Board, our first Hacking Challenge, talks, sponsorships, and participation in various events. 2022 was an action-packed year!


Saner Çelebi

GObugfree further expands its security division: Saner Çelebi is appointed Lead Security Advisor

After successfully establishing itself on the market, GObugfree continues to expand its security division. Seasoned manager and security expert Saner Çelebi joins the team as Lead Security Advisor for SME and enterprise customers. In this role, he offers GObugfree customers professional consulting in all security matters, especially with respect to a comprehensive approach for embedding bug bounty programs into existing security and vulnerability management systems.


GBF-blog netplus public pgm.png

net+ tackles cybercrime head on, with a public Bug Bounty Program with GObugfree

net+, the French-speaking Swiss provider of telecommunications solutions, strengthens the protection of its IT systems with a public bug bounty program from GObugfree. With the help of over 900 "Friendly Hackers", net+ puts its IT systems through their paces and benefits from the swarm intelligence and creativity of a community of security experts.



Why Threema believes in bug bounty programs and pays up to CHF 10’000 for critical findings

Since May 2022, Threema GmbH, developer of the well-known secure Swiss messenger service, has been collaborating with GObugfree to secure its products, Threema and Threema Work. The company recently increased the bounty level for critical findings from CHF 4’000 to CHF 10’000, underlying Threema’s commitment to cybersecurity, as well as its confidence in the capabilities of trusted friendly hackers and experienced IT security experts to thoroughly test Threema’s open source products.



Agile security measures for agile business models

At Agile Leadership Day, Christina Kistler, CCO and Rolf Wagner, COO of GObugfree AG spoke about the increasing threat of cybercrime and how agile security approaches such as Shift Left, Continuous Testing with Bug Bounty and Zero Trust Architecture can provide companies with proactive, holistic and systemic protection.


Cybero Panel discussion

Penetration Testing & Bug Bounty: Key components of your cyber security toolbox

In the October 27, 2022 panel discussion, security experts debated two tools that lead to increased cyber resilience: Pentesting and Bug Bounty.



Not cracked yet - fidentity Liveness Challenge prize money still up for grabs

On Nov 3-4, 2022, during 36 hours, more than 100 Friendly Hackers tried to bypass the artificial intelligence of the fidentity system. The system's not been cracked yet.



Pentesting and/or Bug Bounty Program?

Are you interested in finding out more about pentesting and bug bounty programs? Come to the Cybero Expert talk on October 27 to hear the pros and cons of each approach. The expert panel includes cyllective founder Sophus Siegenthaler, GObugfree co-founder Michael Schläpfer and security researcher Antoine Neuenschwander.



First GObugfree Hacking Challenge - Prepare for Glory

It's on now! Put your skills and creativity to use in the new GObugfree Hacking Challenge. Pretend to be one of the target figures and beat the fidentity liveness check. Prizes of up to CHF 4'000 are up for grabs. GO Hack!


GObugfree awarded swiss made software label

GObugfree: Guaranteed Swiss

GObugfree is the first bug bounty platform to be awarded the swiss made software label. Christian Walter, Managing Partner at swiss made software talks about the importance of the label and why companies should pay closer attention to where their software comes from.



GObugfree expands Advisory Board with business consultant Stefan Bürzle and ecosystem specialist Ralph Hutter

Stefan Bürzle and Ralph Hutter bring further expertise to the GObugfree Advisory Board after the two bug bounty specialists Andreas Schneider and Matthias Jauslin. Bürzle is the link to the world of finance and business, while Hutter, as HWZ course director, provides the connection to the Swiss education landscape and brings his ecosystem expertise to the table.



GObugfree now has an advisory board: Bug Bounty experts Andreas Schneider and Matthias Jauslin join the start-up.

The IT security start-up GObugfree was able to win over two bug bounty pioneers as consultants. Find out more about Andreas Schneider and Matthias Jauslin - and how they assess the potential of GObugfree.



New CEO for the next development stage of GObugfree

Pawel Kowalski will be devoting himself fully to product development in future. The experienced founder and entrepreneur Phil Huber takes over as managing director.



Webinar: Agile Security Measures for Business Models in E-Commerce

At the Handelsverband.SWISS webinar, Pawel Kowalski, CEO & Co-Founder of GObugfree, will show you how existing security measures can be effectively supplemented by the swarm intelligence of a community of trusted hackers to counter new risks.



Threema now relies on the Swiss bug bounty platform from GObugfree and makes its messenger app even more secure

The manufacturer of the well-known secure Swiss messenger, Threema GmbH, is now working with GObugfree to secure its products, Threema and Threema Work.



Agile business models require agile security measures

This was the title of GObugfree Co-Founder and Chief Hacking Officer Michael Schläpfer's Best Practice Speech at the Swiss Cyber Security Days 2022 (SCSD). The balance of the conference also clearly shows that Switzerland is in a race to catch up in the area of cyber security and new security approaches are required.



GObugfree is ready to take off - the management is complete

Marketing and sales expert Christina Kistler completes the management team of GObugfree as Chief Commercial Officer and becomes a partner.



GObugfree is Gold Sponsor of the Swiss Cyber Security Days

The Swiss Cyber Security Days is one of the country's most important conferences in the field of IT security. GObugfree co-founder Michael Schläpfer will be there to show how SMEs can also protect themselves against cybercrime in an increasingly digital world.



BugBountyHub is now called GObugfree

New name, same mission: protecting businesses against cyberattacks thanks to crowd intelligence



GObugfree opens the first public IoT bug bounty program to PlaceB

PlaceB offers a large network of self-storage units at various locations in Switzerland. Using the cell phone, which acts as a key, customers can easily open the doors to the rented storage space with the sliding button or even give access permission to the storage space to family members and friends with a few clicks of the mouse.



A concentrated load of digital know-how for the BugBountyHub board of directors

Twint-Co founder Thierry Kneissler and placeB founder Terry Fehlmann strengthen our IT security start-up on a strategic level



Bug Bounty – Miracle cure or marketing hype?

What can bug bounties do, and what are their limitations? Are they a panacea or just the latest IT buzzword? We try to get to grips with this new approach to IT security.



Bug Bounty – Bug-tracking hackers or bounty hunter 2.0

Hear the term "bounty hunter" and we automatically think of the Wild West – catchphrases like "Dead or Alive!" familiar from movies such as Django Unchained or For a Few Dollars More.