The Department of Defense expands Hack the Pentagon program that allows the public to find and report bugs and vulnerabilities behind a monetary reward
The Department of Defense United States of America has decided to expand the program Hack the Pentagon, which provides for public participation in a “bug hunt” with a monetary reward for those who identify and report any vulnerabilities of information systems DoD.
The Hack the Pentagon program was launched initially as a pilot project, in the period between April 18 and May 12 showing right now some effectiveness, with the first bug that has been brought to the attention of the DoD (Department of Defense) just 13 minutes after the launch.
In the pilot phase, participants were able to exercise their ability to hackers only five websites of the Department of Defense, thinking now of extending the initiative transforming it in a permanent program that can collect vulnerability report on a larger number of sites and systems .
Hack the Pentagon is the first mass initiative in the field by the US government to engage and reward the public identification of those bugs that if not properly addressed could be exploited by criminals to penetrate the computer systems of Defense.
“The pilot program was a success, but has tested the concept of crowdsourced security only for web sites open to the public. We believe that this concept can be successful even if applied to other challenges that the Department is facing in the field of security, “said a spokesman for the DoD.
Hack the Pentagon was managed by HackerOne platform, which states that the pilot program has helped to generate 138 unique bug reports for a total of more than $ 71,000 of rewards paid to those who have identified vulnerabilities. Among the participants in the program there is also David Dworken, a boy who has just finished his studies in high school, which made 22 known bugs in the Department of Defense.
Meanwhile, the DoD is committed on three fronts to strengthen the program: to develop a Vulnerability communication process, expand the “bug hunt” program and add incentives for contractors of the Department so that it can also carry out tests on their systems.