Home / News / Hackers Found 118 Valid Vulnerabilities During Army Bug Bounty Program

Hackers Found 118 Valid Vulnerabilities During Army Bug Bounty Program

The U.S. Army received 118 valid vulnerability reports from participants involved in the the service branch’s bug bounty program that ran from Nov. 30 to Dec. 21, 2016.

HackerOne said Friday Hack the Army engaged 371 eligible participants including 25 government employees and 17 military personnel.

Participants sent 416 vulnerability reports and the first was submitted within five minutes after the program started, the company added.

HackerOne has paid hackers a total of $100,000 in bounties to date.

One participant found a pair of security flaws that opened direct access from the GoArmy.com recruitment website to a restricted Defense Department network, Federal News Radio reported Monday.

The Army said its cyber command worked to address the security problem as soon as participants discovered and reported the vulnerability, Jared Serbu wrote.

“That’s exactly the type of finding that shows the value of having human intelligence applied to this problem,” Alex Rice, HackerOne chief technology officer and co-founder, told the publication.

The Army partnered with HackerOne in November 2016 to launch the bug bounty program which serves as the first of a series of challenges that DoD plans to host after the Hack the Pentagon bug bounty pilot.

Check Also

Report: Army’s CDID Eyes Robotic Technologies for Precision Strikes Against Enemies

The U.S. Army's capabilities development and integration directorate has teamed up with the National Advanced Mobility Consortium to develop autonomous system and robotic technologies intended for precision strike operations, Military.com reported Monday.

Leave a Reply

Your email address will not be published. Required fields are marked *