topleft
topright

Want This Page Wider?

Use the A+, A-, R, and <> or <-> buttons at the top right of this page to make the fonts bigger and smaller or switch between a fixed-width and fluid-width style to this web site.
DoD Hack the Pentagon' Program Nets 138 Issues PDF Print E-mail
Hack the planet? Tough. Hack the Pentagon? Easier, but still fairly tough. Yet, that didn't stop more than 250 hackers from taking part in the Department of Defense's first-ever bug bounty program. The pilot, which ran from April 18 to May 12—less than a month—netted 138 vulnerabilities that the Defense Department determined to be "legitimate, unique and eligible for a bounty."

Though the bug bounty program ended up costing the federal government around $150,000, officials believe it was money well spent.

"It's not a small sum, but if we had gone through the normal process of hiring an outside firm to do a security audit and vulnerability assessment, which is what we usually do, it would have cost us more than $1 million," said Ash Carter, Secretary of Defense, as reported by the DoD.

The Department of Defense seems pleased by the results, as it also announced that it's now planning to expand its bug bounty program and introduce other policies designed to help bolster DoD security. That includes the creation of a new vulnerability disclosure policy that will allow anyone to submit information about potential vulnerabilities in DoD systems, networks, applications, or websites.

"Next we will expand bug bounty programs to other DoD Components, in particular the Services, by developing a sustainable DoD-wide contract vehicle. Lastly, we'll include incentives in our acquisition policies and guidance so that contractors practice greater transparency and open their own systems for testing – especially DoD source code. With these efforts, we will capitalize on Hack the Pentagon's success and continue to evolve the way we secure DoD networks, systems, and information," reads an announcement from the Department of Defense.
 
< Prev   Next >

West-Point.Org (WP-ORG), a 501(c)(3) non-profit organization not affiliated officially with the United States Military Academy, provides an online communications infrastructure that enables graduates, parents, and friends of the military academy to maintain and strengthen the associations that bind us together. We will provide this community any requested support, consistent with this purpose, as quickly and efficiently as possible. WP-ORG is funded by the generosity of member contributions. Our communication services are provided in cooperation with the AOG (independent of USMA) and are operated by volunteers serving the Long Gray Line. Contents of and comments on this web site do not reflect the official position of the United States Military Academy or the Department of the Army.  For questions or comments, please email us at This e-mail address is being protected from spam bots, you need JavaScript enabled to view it

Joomla Template by Joomlashack
Joomla Templates by JoomlaShack Joomla Templates