Celebrating Five Years of Collaboration Between NCC Group & NCSC on the Responsible Disclosure of Vulnerabilities

Since 2018, NCC Group has supported NCSC in making government systems more secure and resilient through its Vulnerability Reporting Service (VRS) programme. 

NCC Group’s Bug Bounty Services Practice has played a crucial role in triaging and managing the VRS program, ensuring that vulnerabilities are addressed promptly and effectively.

For five years now, NCC Group has been a steadfast partner in supporting the UK National Cyber Security Centre (NCSC) through their Vulnerability Reporting Service (VRS). This collaborative effort aims to enhance the security and resilience of government systems by responsibly disclosing vulnerabilities found in UK government services.

The Vulnerability Reporting Service (VRS), established by the NCSC in 2018, provides a channel for security researchers to report vulnerabilities they discover in government services. By doing so, researchers contribute to the overall security posture of these critical systems. NCC Group’s Bug Bounty Services Practice has played a crucial role in triaging and managing the VRS program, ensuring that vulnerabilities are addressed promptly and effectively.

Last week, to commemorate five successful years of this partnership, the NCSC, joined by NCC Group and government representatives, including NCSC’s CTO, Ollie Whitehouse, recognized outstanding researchers nominated by NCC Group at an in-person event in London. 

These exemplary individuals have demonstrated their commitment to responsible vulnerability disclosure. As a token of appreciation, the NCSC awarded them challenge coins, symbolizing the positive impact of the vulnerability reporting service on government security and valuable contributions to the broader security community.

Christian Lopez, Associate Director at NCC Group, has been at the forefront of this project, leading efforts to strengthen the security landscape. NCC Group’s Bug Bounty Services Practice dedication and expertise have contributed significantly to the success of the VRS program.

“We take immense pride in the team effort and dedication demonstrated by the entire Bug Bounty Services Practice throughout our journey with NCSC over the past 5 years. Together, we have achieved milestones and fortified our commitment to cyber security excellence.”

Last week, NCC Group, alongside government representatives and CTO of NCSC, Ollie Whitehouse, gathered to celebrate the contributions of UK-based researchers. These individuals have not only helped secure the UK Government but have also made valuable contributions to the broader security community.

NCC Group’s commitment extends beyond the VRS program. Their investment in security and privacy research benefits society as a whole. Through vulnerability advisories, whitepapers, open-source tools, and knowledge-sharing presentations, NCC Group actively contributes to a safer digital environment.

Their collaboration with vendors like Dell, Google, and Meta ensures that cutting-edge technology products undergo rigorous assessments, promoting security and trust.