Beautiful bug harvest for hackers eligible to participate in the Pentagon Hack program. No less than 100 vulnerabilities were discovered.
Last March, the US Department of Defense launched its bug research program, “The Pentagon Hack“. It was not until April that this contest registrations are open. The program created in partnership with HackerOne was reserved for hackers previously saved and the profile was checked. These should also be US citizens. The targets were also predefined outside sensitive areas.
A challenge that 1400 certified hackers have taken up between April 12 and May 18 and the harvest was good, said Ashton Carter, Secretary of State for Defence during a technology forum in Washington. No less than 100 flaws were discovered, said the minister, without giving details on these vulnerabilitie.
He added that the Defense Ministry plans to pay a bonus up to $ 15 000. “Hackers help us strengthen our security at a lower cost,” says Ashton Carter, adding that he prefers “the brilliant work of the white hackers, rather than to be given lessons by pirates.”
Success of the first federal Bug Bounty
A first Bug Bounty so successful for the Pentagon, which assumes having pioneered at the federal level. “Why nobody else has done at the federal level? “Questioned Ashton Carter. “There is no good answer to that question,” begs the policy, but to praise the success of the initiative. The Pentagon later followed a movement initiated by the giants of Silicon Valley, like Facebook, Microsoft and Google. Firms that have spent millions of dollars to reward hackers.
Note that the Pentagon has created in March the “Defense Innovation Advisory” in charge of adapting the administration to technological change from the private world. This advisory board is headed by Chairman Eric Schmidt Alphabet, the parent company of Google. Ashton Carter said in a speech in Washington that other members will integrate the council as the founder of LinkedIn, Reid Hoffman.