Department of Defense’s ‘Hack the Pentagon’ Program Nets 138 Issues
Hack the planet? Tough. Hack the Pentagon? Easier, but still fairly tough. Yet, that didn’t stop more than 250 hackers from taking part in the Department of Defense’s first-ever bug bounty program. The pilot, which ran from April 18 to May 12—less than a month—netted 138 vulnerabilities that the Defense Department determined to be “legitimate, unique and eligible for a bounty.”
Though the bug bounty program ended up costing the federal government around $150,000, officials believe it was money well spent.
“It’s not a small sum, but if we had gone through the normal process of hiring an outside firm to do a security audit and vulnerability assessment, which is what we usually do, it would have cost us more than $1 million,” said Ash Carter, Secretary of Defense, as reported by the DoD.