The Dept. of Defense hosted the first federal government ‘bug bounty program’ last spring.
In the “Hack the Pentagon” pilot over 1,400 registered hackers tested the defenses of five DOD websites, and found and fixed 138 unique vulnerabilities.
Now the agency is launching a second effort to identify and resolve security vulnerabilities within DOD websites.
The DoD contract awarded to HackerOne and Synack, aims to create a new contract vehicle that will allow them to more easily launch ‘bug bounty’ challenges, and normalize the crowd-sourced approach to digital defenses.
This contract vehicle for a crowd-sourced security solution could serve as a road map for other departments and agencies across the federal government.
Send contract inquiries to hackthepentagon@dds.mil