DHS Launches Bug Bounty Program for Information Systems

Jeff Brody

The Department of Homeland Security has launched a new bug bounty program with the Office of Management and Budget to gather information on cyber vulnerabilities. DHS’ Office of the Chief Information Security Officer requests firms and other organizations to submit information on security weaknesses detected within the department’s information systems, DHS said Wednesday in a Federal Register notice.

Security vulnerabilities refer to any characteristic in hardware, software, process or procedure that serves as a factor or opening to cyber threats. DHS asks responders to report information on vulnerable hosts, reproduction of vulnerabilities, potential host impacts and ways to address vulnerabilities.

Interested parties may submit responses through Oct. 27, or 60 days after the request’s publication on the federal register.

Check Also

NSA

NSA Warns of Cyber Vulnerability in Email Transfer Software

The National Security Agency has identified a vulnerability that Russian cyber actors take advantage of to attack mail transfer networks. Sandworm Team, a Russian military group, has exploited the CVE-2019-10149 vulnerability found in the Exim software that Linux and Unix systems use as a mail transfer agent, NSA said Thursday.