acm-header
Sign In

Communications of the ACM

ACM TechNews

Pentagon Launching Bug Bounty Program


A bug in the crosshairs.

The Hack the Pentagon initiative is the U.S. government's first "bug bounty" program.

Credit: blog.mantek.com

The Pentagon is inviting vetted hackers to the Hack the Pentagon initiative, the U.S. government's first "bug bounty" program, which calls on hackers to identify vulnerabilities on predetermined department systems, potentially for cash rewards.

The initiative will be led by the U.S. Defense Department's Defense Digital Service (DDS), an arm of the U.S. Digital Service, which recruits coders for a "tour of duty."

"They come in for a year or a two or a project and make a contribution to us," says Defense Secretary Ashton Carter. He says the project's goal is to let ethical hackers uncover vulnerabilities before malevolent hackers do.

Some cybersecurity experts are skeptical of the program because insisting hackers submit to background checks and only hack "predetermined" systems goes against hacker ethos, according to the Council of Foreign Relations' Micah Zenko.

However, other observers are more optimistic. "Inviting members of the highly skilled hacker community is an incredibly effective way to identify inevitable security vulnerabilities that your own testing missed," says HackerOne's Katie Moussouris.

In addition, Hack the Pentagon could fortify the overall government cybersecurity business community, and lure cybersecurity talent to government jobs.

From Government Computer News
View Full Article

 

Abstracts Copyright © 2016 Information Inc., Bethesda, Maryland, USA


 

No entries found