HackerOne & Synack partner with DoD to follow up on "Hack the Pentagon" initiativeNews
October 21, 2016
WASHINGTON. HackerOne and Synack received a Department of Defense (DoD) contract to create a new contract vehicle for for DoD components and services to launch ?bug bounty? challenges with the goal to normalize the crowd-sourced approach to digital defenses.
In the spring of this year, DoD hosted the first bug bounty program - Hack the Pentagon - and now officials are prepared to launch a second, two-pronged effort with HackerOne and Synack as partners.
Officials explain, this contract vehicle for a crowd-sourced security solution can also serve as a road map for other departments and agencies across the federal government to adopt and implement as well. Defense Digital Service will work with DoD components and external government agencies in a consultative role to advise on the execution of future programs.
Defense Digital Service led the first bug bounty program and the team was created by Secretary Carter last November to bring in private sector talent and best practices to transform the way DoD approaches technology.
The results of the pilot program brought to light 138 unique vulnerabilities and were remediated in near real-time by the Defense Media Activity. Secretary Carter recognized the value of the program and directed other DoD components and military services to utilize the bug bounty concept as a “valuable tool in their own security toolkit.”
Initiatives like bug bounties are designed to identify and resolve security vulnerabilities within DOD websites.
Read more on cybersecurity:
SAIC selected to support Cyberspace Operations systems for DoD