Thank you for your interest in participating in the HackerOne U.S. Department of Defense (DoD) “Hack the Army 3.0” Bug Bounty challenge. This is an effort for DoD to explore new approaches to its security, and to adopt the best practices used by the most successful and secure software companies in the world. By doing so, the Army can ensure U.S. systems are as secure as possible.

Through bug bounty programs, the DoD has combined with the greatest hackers across the world to help secure U.S. systems, from the Air Force to the Army and Move.mil. With over 1,000 valid bugs found to date, the positive impact of researchers has caused a ripple effect across the United States government as we’re seeking for you to join the ranks to help secure our nation.

The “Hack the Army 3.0” Security Assessment has been updated to begin on January 6th, 2021 at 10:00 Eastern Daylight Time and end February 17th, 2021 at 23:59 Eastern Daylight Time.

Any vulnerability found by a federal government employee (military or civilian) should be reported to the HackerOne “Hack the Army 3.0” program upon discovery. These reports are not eligible for a bounty, however, we greatly appreciate your effort to keep the Army secure.

Useful Links:
Create HackerOne Account
About HackerOne
Disclosure Guidelines
Dept of Defense Vulnerability Disclosure Program

Status message

Sorry…This form is closed to new submissions.