Army announces a bug bounty program
This week, the U.S. Army announced its first ever bug bounty challenge.
The Army, in partnership with HackerOne, will offer eligible hackers an opportunity to uncover security vulnerabilities in its systems. HackerOne is a vulnerability disclosure company that specializes in vulnerability coordination and setting up bug bounty platforms.
The program will be set up to offer a series of challenges where participants look to discover current security weaknesses. Eligible hackers will be able to try to exploit the Army’s systems and earn competitive bounties.
These outside hackers will, in essence, produce an external view on the internal systems that the Army’s cybersecurity personnel already know well.
— HackerOne (@Hacker0x01) November 11, 2016
Hack the Pentagon
This Army-backed bug bounty program is an extension of the DoD’s “Hack the Pentagon.”
In March, the DoD launched its first Hack the Pentagon program. The program allowed vetted cybersecurity pros a chance to exploit vulnerabilities in public DoD webpages.
“Hack the Pentagon demonstrated the success of these bug bounty challenges for DoD assets with 138 vulnerabilities resolved during the 24 day pilot.” — HackerOne
According to HackerOne, participants in “Hack the Pentagon” uncovered 138 vulnerabilities in about 24 days
Hackerone said in their official announcement of this latest partnership that more details about the specifics of the Army bounty program will be released soon.