US Department of Defense invites hackers to help harden its security systems

US Department of Defense invites hackers to help harden its security systems thumbnail

A new bug bounty program has been launched

The US government is tapping into the expertise of the hacking community in an effort to tighten up its cybersecurity protections.

Earlier this week, the Chief Digital and Artificial Intelligence Office (CDAO), the Directorate for Digital Services and the Department of Defense Cyber Crime Center (DC3) jointly launched “Hack US”, a bounty-hunting program aimed at identifying high-severity flaws in government systems.

As reported by VentureBeat, the Department of Defense (DoD) has a budget of some $110,000 for white-hat hackers that discover dangerous flaws. Critical severity reports will earn hackers $1,000 a piece, high severity ones $500, and there’s a $3,000 reward for those in additional special categories.

Armies of hackers

Speaking to the publication, Casey Ellis, founder and CTO at Bugcrowd, says tapping into the community’s potential makes sense, given that the attackers often work in groups and generally outnumber the defenders.

“It takes an army of adversaries to outsmart an army of allies, and many organizations are tapping into the community of millions of good-faith hackers around the world who are skilled, ready, and willing to help,” Ellis said.

“The good folks at DoD DC3 have been running a vulnerability disclosure program for many years with great diligence and success, so to see them ‘upgrade’ this to a paid bug bounty program makes a lot of sense,” Ellis said. 

But it’s not just about the numbers of attackers sifting through code for flaws – it’s also about the number of flaws. According to the VentureBeat report, the average organization has more than 30,000 vulnerabilities on its attack surface, which is a lot more than what a small internal security team can handle.

READ:  SF Department of Public Health offering supplemental vaccines to some who received J&J shot

Consequently, almost half (44%) of organizations aren’t confident they can properly secure all of their endpoints, even with the best cybersecurity solutions in place.

Via: VentureBeat

By Sead Fadilpašić

Read More

Learn More: latest news on stimulus,u visa latest news,o panneerselvam latest news,g dragon latest news,latest news about stimulus check,j cole latest news,p chidambaram latest news,hepatitis b latest news,sarah g latest news,l&t latest news,p square latest news,

Leave a Reply

Your email address will not be published. Required fields are marked *