Home / News / Report: ‘Bug Bounty’ Participants Hunt Vulnerabilities in GSA Web Devt Tool

Report: ‘Bug Bounty’ Participants Hunt Vulnerabilities in GSA Web Devt Tool

The General Services Administration‘s Technology Transformation Service has challenged ethical hackers to identify vulnerabilities within the agency’s government website development platform as part of a “bug bounty” program, Nextgov reported Wednesday.

Laura Gerhardt, a TTS technical lead, said at FCW’s cybersecurity summit that the organization initially opened the Federalist web tool to a select group of security researchers but did not discover as many vulnerabilities as expected.

The TTS Bug Bounty program was launched in May to offer cash rewards of up to $5,000 to cyber researchers who can spot bugs in TTS-operated web applications.

Gerhardt noted TTS aims to set up bug bounties for other agency tools soon.

She added that federal agencies must have enough personnel to address all reported vulnerabilities if they plan to launch bug bounty initiatives.

GSA awarded HackerOne a contract to deliver a software-as-a-service bug reporting platform and help manage TTS’ bug bounty program.

Check Also

Merit Systems Protection Board Seeks Increase From President’s Budget Request

The Merit Systems Protection Board filed a bypass request with Congress seeking $46.8M in funds for 2020, reflecting a $4.6M increase from the president’s proposed budget. MSPB said in its congressional budget justification the president’s budget request of $42.3M represents a 10 percent cut to the board’s current funding level and would result in a workforce reduction if enacted.

Leave a Reply

Your email address will not be published. Required fields are marked *