The Ministry of Digital Development of Russia has announced the launch of a new stage of the bug bounty program aimed at strengthening the digital security of government services. The program is implemented on the BI.ZONE Bug Bounty platform and covers 10 government systems, including the voter's personal account and the Unified Biometric System. The maximum reward for a found vulnerability is 1 million rubles, while the amount depends on the criticality level of the detected bug.
The full list includes the following services:
- Госуслуги — portal of government services
- ЕСИА — unified identification and authentication system
- ГИС ЕБС — unified biometric system
- СМЭВ — system of interdepartmental electronic interaction
- ПОС — feedback platform
- НСУД — national data management system
- ЕИСУКС — unified information system for managing the personnel of the state civil service
- ГУЦ — головной удостоверяющий центр
- ЕСНСИ — unified system of regulatory reference information
- Госвеб — unified platform of official state websites
Since the launch of the initiative in 2023, more than 18 thousand information security specialists have participated in it. According to Andrey Levkin, product manager at BI.ZONE Bug Bounty:
The public sector is already the fastest growing on our platform for the second year. The Ministry of Digital Affairs has set a good example: since the launch of the program, we have had more than 20 projects from various government agencies.
BI.ZONE Bug Bounty provides companies with the opportunity to publish programs for testing security, and bug hunters to receive monetary rewards for identified vulnerabilities. Among the platform participants are Sber, VK, «Т-Банк», «Группа Астра», as well as the regional authorities of the Perm Territory, Tula and Volgograd regions.
Read more on the topic:
Russian cryptographic libraries are integrated into the domestic messenger Max
Biometric terminals for the "Rodina Card" were presented by Rostec at the Innoprom-2025 exhibition
