It never hurts to be prepared. Secure your company, now.

Secuna is the first and only coordinated vulnerability disclosure & bug bounty platform in the Philippines helping startups and SMEs by connecting them to vetted security researchers to find and fix security vulnerabilities before they can be exploited by cybercriminals.

How It Works

1. Launch Security Program

Secuna will collaborate with you in defining the scope, rules, and goals of your Security Program.

2. Engage with Vetted Hackers

Collaborate with our vetted hackers to uncover, validate, and fix their findings.

3. Acknowledge and Incentivize Results

You can either acknowledge them through our Thanks Page or incentivize them by awarding Bug Bounties.

Services

Secuna follows the ISO-29147 (Vulnerable Disclosure) and ISO 30111 (Vulnerability Handling Process). ISO-29147 defines the techniques and policies for vendors to receive vulnerability reports and publish remediation information. ISO 30111 gives guidelines for how to process and resolve potential vulnerability information in a product or online service.

Unmanaged Service

Establish a compliant vulnerability assessment and penetration testing process for receiving and handling of security vulnerabilities discovered by third-parties.

Managed Service

Our internal experts will design, manage, and support your security program from end to end. You’ll only receive valid findings from our vetted hackers.

Secuna Red Team Service

A comprehensive vulnerability assessment and penetration testing is designed to surface security vulnerabilities to reduce the risk of a security threat and comply with the regulation.

Vulnerability Disclosure Program (VDP)

VDP helps organizations to receive, coordinate, and act on valid security vulnerability submissions from our hackers.

Start Vulnerability Disclosure Program

Bug Bounty Program (BBP)

BBP incentivizes the hackers based on the quality of their submissions. If you find critical severity bug, you’ll earn huge bug bounty.

Start Bug Bounty Program

Our Features

Trusted Cybersecurity Professional

All the cybersecurity professionals on our platform go through a thorough screening procedure to ensure only the best of the lot get to work with you.

Flawless Vulnerability Management

Handling of security vulnerability is now easier and flawless. Secuna allows program owners to manage security vulnerability on their own.

Continuous Cybersecurity Assessment

External cybersecurity professionals continuously run tests and discover vulnerabilities in your product while also working to remediate any found issues.

Vulnerability Patch Verification

Right after you deploy a patch, cybersecurity professional can re-test the vulnerability and ask them to bypass it to validate the patch.

Hacker Reputation

Hacker's reputation will go up and down depending on the security vulnerability's validity, severity, and bounty. Only the best will rise to the top.

Seamless Bounty Payments

Cybersecurity Professionals loves any method of payment, and we got it all from a bank transfer, PayPal payment, to bitcoin payment.

Frequently Asked Questions

What is the relationship between the customer and hackers?

The hackers are non-employee independent contractors of Secuna and have no contractual relationship with a customer. The terms that govern Secuna's relationship with the hackers is the Vulnerability Disclosure Policy.

Are the bugs found by security researchers kept confidential?

The default provision of all Security Programs is that all discovered security vulnerabilities must be kept confidential. The default provision of all Security Programs is that all discovered security vulnerabilities must be kept confidential. Customers may permit hackers in publicly disclosing security vulnerabilities for general interest. Secuna encourage every customer to consider this option but are not compelled to do so.

Does Secuna comply with ISO standards?

Yes. Secuna adheres to ISO 29147 and ISO 30111. In accordance with ISO 29147, Secuna has an established process through which disclosed security vulnerabilities by a security researcher are reviewed and triaged by the customer with the appropriate resolution information. With regards to ISO 30111, Secuna provides remediation advice on your team with the information necessary to begin resolving vulnerabilities that have been both triaged and validated.

Which payment options are available?

PayPal is our default payment method, but occasionally we process bounties through Bitcoin. If for some reason we can’t process your bug bounty via PayPal, please do contact our support and we’ll find another way to pay your bug bounty to hackers.

How do you screen cybersecurity professionals?

As of now, we are performing a background checking and ID verification before we allow hackers to participate in any security programs. We are also planning to perform a Video Interview and Technical Assessment soon. Hackers from around the world may participate, except for hackers from countries the U.S. has issued export sanctions or other trade restrictions against (ex. North Korea, Iran, etc.).

Our Pricing Plans

Unmanaged Service

Free

Public by default

Unlimited Scopes

Vulnerability Disclosure Policy Assistance

Free re-tests & fix validation

Secuna Red Team Service

$1,000/app/mo

Private by default

Unlimited Scopes

Vulnerability Disclosure Policy Assistance

Free re-tests & fix validation

Secuna will triage and validate bug reports

Remediation Advice via Keybase

Managed by Secuna badge

Penetration Testing Report in PDF (For Compliance Purposes)

Exclusive to Top 10 Secuna Red Team Members Only

Managed Service

$1,500/qtr

Can be Public or Private

Unlimited Scopes

Vulnerability Disclosure Policy Assistance

Free re-tests & fix validation

Secuna will triage and validate bug reports

Remediation Advice via Keybase

Managed by Secuna badge

Our Awesome Clients

Kalibrr
InvestEd
Uploan
Synergy88
Gengo
Paylance
Cybertoolbelt
AliveShoes
ThanksBox (Mo Work)
Sigrid

Latest News

Image

Taxpayer Guide to Tax-related Identity Theft as Deadline Approaches

The Bureau of Internal Revenue’s tax deadline is on April 15, 2018, and Black Hat Hackers targeted taxpayers by ...

Image

The “I LOVE YOU” Virus

One of the most destructive and well-known virus, bearing the sweetest alias there is.

Image

The Trouble with Strong Passwords

In making a new account, have you ever experienced having a hard time meeting a site’s password requirement? ...