Beating cyber criminals at their own game

In nature, healthy ecosystems are essential for survival. This also applies in business. Especially when it comes to complex issues like cybercrime. GObugfree and fidentity, two Swiss companies, are building the foundation for a strong ecosystem against cyber attacks.

GBF_Blog-cyberkriminelle-mit-ihren-eigenen-waffen-schlagen.jpg

Cybercrime: a $6 trillion business

In recent years, cyber attacks have increased in number, sophistication, and impact. The damage they cause is immense: according to Cybersecurity Ventures, the global cost of cyber attacks in 2021 was over $6 trillion. Among the factors responsible for the strong growth of cybercrime is the emergence of offerings such as "Crime as a Service." This allows even those with a lack of expertise to gain access to advanced tools and services to carry out cyberattacks. With great effect.

Beating cyber criminals at their own game

When companies think about cybersecurity, they need to take a holistic approach - and understand the enemy. In "The Art of War," an ancient Chinese military treatise, general and strategist Sun Tzu wrote, "If you know the enemy and know yourself, you need not fear the result of a hundred battles." Applied to today's cyber war, this means companies need to adopt a hacker's mindset. Or better yet, have a group of well-intentioned hackers on their side. This is where bug bounty programs come in.

In the controlled environment of a bug bounty program, companies invite "friendly hackers" (also known as "ethical hackers" or "white hats") to probe their systems. Friendly hackers look for bugs in a company's software, abiding to a pre-agreed set of rules. In return, companies reward the friendly hackers with a gift in kind or a cash reward if they discover and report a security vulnerability.

GObugfree: A trusted Swiss solution

GObugfree is a Swiss vulnerability management platform that provides companies with continuous protection against cyber attacks. The SaaS platform is developed in Switzerland and carries the "swiss made software" label. GObugfree offers various vulnerability detection services, including tailor-made bug bounty programs, be it for SMEs, for startups or for large enterprises and independent of the maturity level of IT security. With a community of experienced security experts and trusted hackers, the Zurich-based company helps its customers find vulnerabilities and security gaps in their applications.

gobugfree_portraitbilder-schlaepfer.png
We offer legal certainty for the collaboration with verified friendly Hackers. For this purpose, we rely on the FINMA-compliant services of fidentity.
Michael Schläpfer, Chief Security Officer GObugfree AG

GObugfree operates according to Swiss law and standards. Chief Security Officer Michael Schläpfer explains, "We offer legal certainty for the collaboration with verified friendly hackers. For this, we rely on FINMA-compliant services from fidentity." GObugfree verifies the identity of friendly hackers who register for one of its programs. Huber reasons, "After all, our customers understandably want to know who the friendly hackers are who are looking for vulnerabilities in their digital products.”

fIdentity: Verified identities create trust

To ensure that the global community of friendly hackers is trustworthy, GObugfree partners with fidentity. The Bern-based company specializes in fully automated identity verification and digital signature solutions. A valid ID document, a smartphone and a smile: that's all it takes to verify a person's identity in just 90 seconds. Thanks to fidentity's fast, reliable and seamlessly integrated service, GObugfree is able to welcome new security researchers to their global community around the clock.

Thorsten-Hau-fidentity.jpg
Thorsten Hau, CEO fidentity AG, Foto Venturelab
The cooperation with GObugfree is a win-win situation for both parties and important in the fight against cyber attacks.
Thorsten Hau, CEO fidentity AG

An online identification solution must not only be fast and user-friendly, but also secure and trustworthy. For this reason, fidentity itself runs a public bug bounty program, managed by GObugfree, so that any security vulnerabilities can be discovered. Thorsten Hau, CEO and founder of fidentity, is convinced: "The cooperation with GObugfree is a win-win situation for both parties and important in the fight against cyberattacks." On the one hand, verified friendly hackers are even more trustworthy and on the other hand, an identification solution verified by friendly hackers for vulnerabilities is even more secure - and both support the fight against cybercrime.

Both companies are passionate about continuously improving their service offerings. Last November, they hosted a multi-day live hacking event with the goal of finding loopholes in fidentity's AI system. Participating friendly hackers were asked to fake the identity of one of three specified targets in order to bypass fidentity's checks.

Building a thriving ecosystem of trusted partners

As in nature, healthy relationships foster growth and development in the business world. GObugfree believes that a thriving ecosystem of innovative local partners is essential in the fight against cyberattacks. Working with trusted partners, GObugfree is pursuing its mission to provide easily accessible security to businesses of all sizes.

First published on Inside IT (in German)

Would you like to better protect your company from cyber attacks? Contact us today to learn more about the benefits of a bug bounty program.