The US administration reveals its third ‘Hack The Pentagon’ challenge
Invitation extended to ethical hackers and bug bounty hunters to examine Department of Defense resources.
This week, the US Department of Defense (DoD) revealed that it is conducting its third yearly ‘Hack The Pentagon’ competition.
In 2016, the initiative called “Hack The Pentagon” was kickstarted. This provided an opportunity for cybersecurity experts to search for potential weak spots in some of its most valuable resources
Ever since its inception, the software has welcomed over 600 moral cyber sleuths and bug bounty seekers to unearth glitches in Department of Defense assets, leading to the revelation of over 700 problems to date.
Dive deeper into the most recent updates on bug bounty
The US Department of Defense (DoD) announced on the government’s official website that they are planning to host the third edition of the competition this year.
It also verified that it is in search of contractors to collaborate on the project.
“The US Department of Defense’s initial Vulnerability Disclosure Policy (VDP) has created a round-the-clock channel for cybersecurity specialists to securely report weaknesses in DoD’s public websites and applications,” according to the official US government website.
“The Defense Digital Service (DDS) is currently partnered with security companies such as HackerOne, Synack, and Bugcrowd. These partnerships enable them to conduct evaluations for Department of Defense units and military services to gauge the security of their specific resources.”
Pushing the boundaries
In 2021, the Department of Defense broadened its Vulnerability Disclosure Program to include not just its public websites and web applications, but all publicly accessible information systems.
This expanded the focus to include all DoD networks accessible to the public, communication platforms based on radio frequency, IoT gadgets, and industrial systems controls, along with other technologies.
INTRODUCTION The U.S. government kickstarts the ‘Breach the DHS’ rewards initiative for identifying software vulnerabilities
In the year 2021, the Department of Homeland Security (DHS) in the United States initiated a bug bounty program. They welcomed a chosen group of security experts to inspect their systems for any potential weaknesses.
The initiative, named “Hack the DHS”, which took place in 2022, encompassed three distinct stages – a penetration test, a real-time hacking activity, and a thorough evaluation procedure.
Over 450 approved security experts discovered 122 security flaws, out of which 27 were later classified as critical, according to the DHS. They further disclosed that a total of $125,600 was given as rewards for finding these vulnerabilities.