
Hack The Pentagon Open For (Bug) Bounty Hunters

Registration for the federal government’s premier bug bounty program is officially up and running.

The pilot program will allow hackers who are cleared through a criminal background check to look for security bugs and vulnerabilities in certain U.S. Department of Defense (DoD) systems, ZDNet reported on Monday (April 4).

The Hack the Pentagon Bug Bounty pilot will run from April 18 to May 12.

Last week, the department announced that it will partner with Bug Bounty-as-a-service firm HackerOne for its program, which the company described as an effort for the DoD to “explore new approaches to its cybersecurity challenges, and evolve to adopt the best practices used by the most successful and secure software companies in the world.”

While specific bounty payments have not been disclosed, the DoD said they will depend on a number of factors and will come from the program’s $150,000 in funding.

“This initiative will put the department’s cybersecurity to the test in an innovative but responsible way,” Secretary Ashton Carter said in a statement last week. “I encourage hackers who want to bolster our digital defenses to join the competition and take their best shot.”

The Hack the Pentagon pilot emulates similar challenges conducted by some of the nation’s biggest companies, such as Google, Facebook, Microsoft and PayPal, geared toward strengthening the security and delivery of networks, products, and digital services.

A security researcher recently helped PayPal address a security vulnerability that would have enabled malicious emails to be sent from its platform. PayPal awarded the researcher $1,000 for discovering the vulnerability and submitting it to the company’s bug bounty program, which encourages professional security researchers to submit any security flaws or issues they find directly to PayPal for the chance to win up to $10,000.
