Hackers we have big news from our partners at the Pentagon! The DoD is announcing their Vulnerability Disclosure Policy and registration is open to sign up for the opportunity to hack the U.S. Army!
The DoD Vulnerability Disclosure Policy
Today the U.S. Department of Defense announced the DoD’s new Vulnerability Disclosure Policy (VDP) — outlining a legal avenue for any hacker to disclose vulnerabilities in any DoD public-facing systems. This policy is a first of its kind for the U.S. Government. With DoD’s new vulnerability disclosure policy, hackers have clear guidance on how to legally test for and disclose vulnerabilities in DoD’s websites outside of bug bounty challenges. This new initiative underscores DoD’s commitment to working in partnership with the hacker community to improve security.
Starting today, hackers who become aware of vulnerabilities can disclose them to DoD on HackerOne. For specifics on the new vulnerability disclosure policy, check out: hackerone.com/DeptOfDefense. The DoD’s vulnerability disclosure policy does not include bounty rewards, but we're also thrilled to announce that registration is now open for Hack the Army!
Register Now to Hack the Army!
Registration is now open for Hack the Army bug bounty challenge. Announced on November 11 by Secretary of the Army, Eric Fanning, Hackers can register now for a chance to be one of the hackers invited to hack the largest branch of the U.S. military.
The most ambitious Federal bug bounty program to date, Hack the Army targets will include operationally significant websites including those mission critical to recruiting. Can you find personal information in qualifying websites? If so, the Army wants to know how you did it and reward you! Selected hackers will have a chance to earn thousands of dollars in cash for improving the Army’s security.
The scope for Hack the Army, including websites and databases will be shared with registered and invited hackers as the challenge approaches. Review full eligibility rules and register now for a chance to take a shot at the Army at: hackerone.com/hackthearmy
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally exploited. As the contemporary alternative to traditional penetration testing, our bug bounty program solutions encompass vulnerability assessment, crowdsourced testing and responsible disclosure management. Discover more about our security testing solutions or Contact Us today.