Tags vulnerability disclosure

Ongoing bug-bounty pilot pinpoints many vulnerabilities in DOD’s cyberspace

by

White-hat hackers in the U.S. and overseas are uncovering potentially serious vulnerabilities in the Defense Department’s cyber assets through a bug bounty program, with an $110,000 pool that cybersecurity company HackerOne and several Pentagon components are hosting between July 4 and 11. The initiative — known as Hack U.S. — is enabling the DOD to experiment with paid public incentives in its vulnerability disclosure program (VDP) to see if such…

DOD expands vulnerability disclosure program to contracting base in pilot

by

Much like the Department of Defense has increasingly looked to white-hat ethical hackers to seek out vulnerabilities in its systems over the past five years, the department also believes those independent researchers can help in shoring up the security of the defense industrial base. DOD’s Cyber Crime Center, in partnership with HackerOne, just concluded a yearlong Defense Industrial Base-Vulnerability Disclosure Program (DIB-VDP) Pilot in which it invited members of the…