DOD rings in Independence Day with bug bounties
HackerOne is managing a $110,000 bounty program through July 11.
The Department of Defense is offering $110,000 in bug bounties for flaws in its public-facing systems through July 11.
The effort is part of the Hack the Pentagon's vulnerability disclosure program managed by HackerOne. The company announced on its website that findings of high- and critical severity- level vulnerabilities are eligible for cash payouts.
HackerOne describes the weeklong effort as "experimental" and notes that the program is "intended to give security researchers terms and conditions for conducting vulnerability discovery activities directed at [public-facing DOD] information systems, including web properties, and submitting discovered vulnerabilities to DOD."
Hack the Pentagon was launched in 2016 by the Defense Digital Service to root out flaws on DOD websites. Just this May, the program was expanded to include all public-facing internet applications.
Separately, HackerOne reported on Friday that it suspected an employee had "improperly accessed security reports for personal gain," according to a company release. The employee, who was fired after the company's investigation, reportedly attempted to use inside knowledge of a vulnerability disclosure to extort a HackerOne customer.