GSA to join DoD in hiring ethical hackers to find cyber vulnerabilities
The federal market for “white hat” hackers continues to grow. Not only are ethical security burglars popular in the Defense Department, but now the General Services Administration’s Technology Transformation Service (TTS) is setting up a bug bounty program.
TTS issued a draft solicitation in January aiming to set up a program where ethical hackers scan and find vulnerabilities in their cloud-based applications.
“As part of its programmatic focus on security, TTS needs to purchase access to a pre-existing, commercially available Bug Bounty software-as-a-service (SaaS) Platform that will allow it to launch and manage the TTS Bug Bounty program,” the performance work statement said. “This acquisition will give TTS access to a large network of security researchers, people who have an interest — both personally and financially — in helping to find and address bugs and other technical issues within TTS-owned web applications. While the Department of Defense has conducted a bug bounty program, this TTS program will be the first of its kind to be generated by a civilian (or non-DoD) federal agency. Only a select few small businesses are able to provide this software-as-a-service (SaaS) platform and that large network of researchers.”