Wednesday, May 1, 2024
Wednesday, May 1, 2024
Key Issues HADES deployment SAOC contract FORGE framework
The Defense Department has launched a new website to accompany its long-running "Hack the Pentagon" program.
The department began the HtP program in 2016 using “bug bounties” as “innovative way to secure critical Department of Defense (DOD) systems and assets,” according to DOD.
The program invites “vetted, independent security researchers, known as ‘ethical hackers,’ to discover, investigate and report vulnerabilities, which DOD can then remediate,” DOD said.
The new website is intended to be a resource for other DOD organizations, vendors and “ethical hackers” wanting to learn how to conduct similar “bug bounty” programs.
"With the HtP website launch, [DOD] is scaling a long running program, which historically offered services on a project-by-project basis, by offering the Department better access to lessons learned and best practices for hosting bug bounties," said Craig Martell, DOD’s chief digital and artificial intelligence officer.
The Pentagon also said it intends for the website to recruit new talent.
"Through Hack the Pentagon, we're building a global talent pipeline for cybersecurity experts to contribute to our national defense outside of traditional government career paths," said Jinyoung Englund, acting director of CDAO’s Directorate for Digital Services.
“Since HtP's initial launch in 2016, DDS has run 40+ bug bounties with over 1,400 ethical hackers who have collectively flagged 2,100+ vulnerabilities for remediation,” DOD said.