Home / News / Hackers Found 118 Valid Vulnerabilities During Army Bug Bounty Program

Hackers Found 118 Valid Vulnerabilities During Army Bug Bounty Program

The U.S. Army received 118 valid vulnerability reports from participants involved in the the service branch’s bug bounty program that ran from Nov. 30 to Dec. 21, 2016.

HackerOne said Friday Hack the Army engaged 371 eligible participants including 25 government employees and 17 military personnel.

Participants sent 416 vulnerability reports and the first was submitted within five minutes after the program started, the company added.

HackerOne has paid hackers a total of $100,000 in bounties to date.

One participant found a pair of security flaws that opened direct access from the GoArmy.com recruitment website to a restricted Defense Department network, Federal News Radio reported Monday.

The Army said its cyber command worked to address the security problem as soon as participants discovered and reported the vulnerability, Jared Serbu wrote.

“That’s exactly the type of finding that shows the value of having human intelligence applied to this problem,” Alex Rice, HackerOne chief technology officer and co-founder, told the publication.

The Army partnered with HackerOne in November 2016 to launch the bug bounty program which serves as the first of a series of challenges that DoD plans to host after the Hack the Pentagon bug bounty pilot.

Check Also

GSA Implementing Robotic Process Automation in Federal Gov’t via Community of Practice

The General Services Administration is establishing a community of practice to enable federal government officials to share ideas and explore opportunities to advance the implementation of robotic process automation. GSA said Friday that Ed Burrows of the agency’s office of the chief financial officer will chair the RPA CoP, which will outline the best practices and determine technical options to realize the benefits of RPA and transition the federal workforce to high-value work in support of a cross-agency priority goal in the President’s Management Agenda.

Leave a Reply

Your email address will not be published. Required fields are marked *