Short Bytes: The US Department of Defense’s new division Defense Digital Service (DDS) is launching a new pilot program called Hack the Pentagon. This first of its kind bug bounty program of federal government invites hackers and coders to test the security of government services.
As a part of this program, the government will allow qualified cyber security experts to conduct vulnerability analysis of the department’s websites. The government mentions that the program is modeled similarly to that of the nation’s biggest companies to enhance the level of network security.
During the first iteration, the government plans to subject only a selected set of public service to hacking attempts and avoid exposing more sensitive web pages like department’s critical, mission-facing systems.
Who will be allowed to participate in Hack the Pentagon?
Prior to the participation in the pilot program, the hackers need to register and submit to a background check. Once vetted, the hackers will be allowed to hack the specified services under a controlled and limited duration program. The announcement mentions that participants could be eligible for recognition and rewards.
“I am always challenging our people to think outside the five-sided box that is the Pentagon,” said Secretary of Defense Ash Carter. “Inviting responsible hackers to test our cyber security certainly meets that test. I am confident this innovative initiative will strengthen our digital defenses and ultimately enhance our national security.”
This program is an initiative of the US Department of Defense’s new division Defense Digital Service (DDS) that’s led by former Microsoft executive Chris Lynch. Mr. Lynch says that he’s using his industry contacts to invite security experts and coders to participate.
It should be noted that during the past years bug bounty programs have become a norm for the tech companies as it allows the tech companies to fix their security loopholes and services before hackers get a chance.
Hack the Pentagon pilot program will go live next month and we’ll be sharing the participation rules and requirement in the upcoming weeks.
Choose your own cyber security eLearning course here: