https://www.zdnet.com/article/hack-the-air-force-bug-hunting-challenge-uncovers-120-flaws-in-websites-and-services/
By Steve Ranger
ZDNet News
December 20, 2018
A bug bounty challenge which asked hackers to 'Hack the Air Force' has
resulted in 120 vulnerabilities being found and fixed and $130,000 being
paid out to participants.
The programme, organised by the US Department of Defense (DoD) and
bug-bounty company HackerOne, focused on public-facing Air Force websites
and services from October 19 to November 22 this year. Nearly 30
participating hackers submitted over 120 valid vulnerabilities throughout
the month-long programme, and the US Air Force awarded them over $130,000
for their efforts.
It was the seventh bug bounty program run by the DoD, and the third
involving the air force. The idea is that programmes like this allow the
military to find unknown security vulnerabilities with help from friendly
hackers before they are found by anyone else.
"It's critical to allow these researchers to uncover vulnerabilities in
Air Force websites and systems, which ultimately strengthens our
cybersecurity posture and decreases our vulnerability surface area,"
explained Capt James "JT" Thomas, Air Force Digital Service.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
