Home / News / Ashton Carter: Pentagon’s Bug Bounty Program Uncovers 138 ‘Legitimate’ System Vulnerabilities

Ashton Carter: Pentagon’s Bug Bounty Program Uncovers 138 ‘Legitimate’ System Vulnerabilities

cyber-hack-network-computerThe Defense Department received at least one vulnerability report from more than 250 ethical hackers who took part in the department’s bug bounty program that occurred from April 18 to May 12, DoD News reported Friday.

Lisa Ferdinando writes Defense Secretary Ashton Carter said that 138 of those vulnerability reports during the Hack the Pentagon event were found to be legitimate and qualified for a bounty.

Participants worked to identify bugs in the department’s public-facing websites such as defense.gov, dodlive.mil, dvidshub.net, myafn.net and dimoc.mil, according to the report.

Carter added DoD partnered with San Francisco-based HackerOne to resolve the uncovered flaws.

The Defense Digital Service organization kicked off the $150,000 crowdsourcing initiative in March as part of efforts to strengthen the security of networks and systems across the department.

Lisa Wiswell, DDS digital security lead, said monetary rewards under the program range from $100 to $15,000 based on the number of qualified submissions.

Check Also

GAO: Air Force to Deploy New Combat Rescue Helicopters to Active Component by FY 2020

The Government Accountability Office has found that the U.S. Air Force intends to start fielding in fiscal 2020 new Combat Rescue Helicopters to replace aging HH-60G Pave Hawk helicopters that have recorded the most flight time when it comes to staff recovery missions. GAO said in a report published Thursday the service will initially deploy the new helicopters to the active component six years ahead of the reserve component and to the Air National Guard by 2027.

Leave a Reply

Your email address will not be published. Required fields are marked *