Connect with us

Hi, what are you looking for?

Cyber Security

US government announces third Hack The Pentagon challenge

The US Department of Defense (DoD) is holding its third annual Hack The Pentagon challenge, it announced this week.

Hack The Pentagon was launched in 2016, opening the door for security researchers to look for vulnerabilities in some of its top assets.

Since its creation, the program has seen more than 600 ethical hackers and bug bounty hunters invited to find bugs in DoD resources, resulting in the disclosure of more than 700 issues so far.

In a statement posted to the US government website, the DoD confirmed it will be organizing a third iteration of the competition this year.

It also confirmed that it is looking for contractors to partner on the program.

“The DoD’s first Vulnerability Disclosure Policy (VDP) established a 24/7 pathway for security experts to safely disclose vulnerabilities on public-facing DoD websites and applications,” the US government website states.

“DDS [Defense Digital Service] has ongoing contracts with security firms HackerOne, Synack, and Bugcrowd to facilitate assessments for DoD components and military services against their respective assets.”

Going further

In 2021, the DoD expanded its VDP beyond its public-facing websites and web applications to encompass all publicly accessible information systems.

This brought into scope all public-facing DoD networks, radio frequency-based communication platforms, IoT devices, and industrial control systems, among other technologies.

Also 2021, the US Department of Homeland Security (DHS) also launched a bug bounty program, inviting selected security researchers to test for vulnerabilities in its systems.

Dubbed ‘Hack the DHS’, the program, held in 2022, included three different phases – a pen test, a live hacking event, and a detailed review process.

More than 450 vetted security researchers identified 122 vulnerabilities, of which 27 were subsequently determined to be critical, the DHS revealed, adding that it awarded a total of $125,600 for the bugs.

Copyright 2021 Associated Press. All rights reserved.

Source: https://portswigger.net/daily-swig/us-government-announces-third-hack-the-pentagon-challenge

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

Belgium became a haven for ethical hackers following the adoption of a nationwide safe harbor agreement last month. The framework means that well-intentioned security researchers are free...

Cyber Security

Twitter faced further criticism this week when Elon Musk’s social networking platform announced SMS-based 2FA will only be available to paying customers going forward....

Cyber Security

Belgium has become the first European country to adopt a national, comprehensive safe harbor framework for ethical hackers, according to the country’s cybersecurity agency....

Cyber Security

Apache has resolved a vulnerability potentially exploitable to launch remote code execution (RCE) attacks using Kafka Connect. Announced on February 8, the critical vulnerability...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO