Hack the Pentagon shutters 100 bugs

1,400 white hats jostle for vulns

White hats have found more than 100 vulnerabilities in Pentagon infrastructure under its bug bounty program.

Some 1,400 hackers participated in the Hack the Pentagon bug bounty program, which is handing out up to $US14,000 for disclosures of the worst vulnerabilities.

US Defense Secretary Ashton Carter told the Defense One conference in Washington DC Friday that the bug bounty has dropped the cost of vulnerability discovery.

"They are helping us to be more secure at a fraction of the cost," Carter says.

As The Register reported, the Pentagon launched its bounty with Carter saying it would strengthen "digital defenses and ultimately enhance national security".

Bug hunters must first pass a background check before being permitted to hack the agency's web properties.

Highly-sensitive parts of the Pentagon are out of scope for external bug hunters.

The agency's Defense Innovation Advisory, led by Alphabet's Eric Schmidt, was set up in March to help it keep pace with the private sector.

Carter revealed in a speech a day earlier that the Pentagon would seek to fast-track information security boffins into high-ranking positions in the military.

The proposal, dubbed Force of the Future, would be challenged to pass before January, when President Obama's term will end and Carter will likely be replaced. ®

