The US Air Force launches bug bounty program

Wednesday, April 26, 2017 Unknown 0 Comments Category : ,



The Air Force announced today that it will launch a bug bounty next month for several of its public-facing websites, allowing hackers to seek out vulnerabilities in the sites and exchange them for cash rewards.
Over the past year, the federal government has slowly started to open up to the idea of bug bounty programs. Hack the Pentagon, which launched last April, was the government’s first foray into bug bounties, and the program has since been expanded to include Army websites, as well.
The Air Force bug bounty will be the first federal government program that invites hackers from outside the United States to participate — the challenge will be open to hackers based in the U.K., Canada, Australia and New Zealand, as well as those based in the U.S. Like other federal bug bounties before it, the Air Force program will be administered by HackerOne and will allow military members to participate too (although they’re not allowed to earn rewards).
“This is the first time the AF has opened up our networks to such broad scrutiny,” Air Force chief information security officer Peter Kim said in a statement. “We have malicious hackers trying to get in to our systems every day. It will be nice to have friendly hackers taking a shot and, most importantly, showing us how to improve our cybersecurity and defense posture. The additional participation from our partner nations greatly widens the variety of experience available to find additional vulnerabilities.”
Bug bounties have their roots in private industry, but have been gaining support in the government through the work of the Defense Digital Service, an agency that brings skilled tech workers into the Defense Department for “tours of duty.” 

RELATED POSTS

0 comments