TMCnet News
U.S. Department of Defense Announces Hack the Marine Corps Bug Bounty Program With HackerOneThe U.S. Department of Defense (DoD) and HackerOne, the leading hacker-powered security platform, today announced the launch of the Department's sixth bug bounty program, Hack the Marine Corps. The bug bounty challenge will focus on Marine Corps' public-facing websites and services in order to harden the defenses of the Marine Corps Enterprise Network (MCEN). The bug bounty program will conclude on August 26, 2018. The Marine Corps' bug bounty program kicked off with a live-hacking event in Las Vegas, Nev. on August 12, 2018 coinciding with the world's largest hacker and security conferences, Black Hat USA, DefCon and BSides Las Vegas. Nearly 100 hand-selected ethical hackers from the global security researcher community participated in nine straight hours of hacking Marine Corps public-facing websites and services for vulnerabilities. During the launch event, expert security researchers were shoulder-to-shoulder with the Marines from U.S. Marine Corps Cyberspace Command (MARFORCYBER), representing both offensive and defensive cyber teams. Hackers filed 75 unique valid security vulnerability reports during the event and were awarded over $80,000 for helping further secure the MCEN, the Marine Corps' portion of the DoD Information Network (DoDIN). "Hack the Marine Corps allows us to leverage the talents of the global ethical hacker community to take an honest, hard look at our current cybersecurity posture. Our Marines need to operate against the best. What we learn from this program will assist the Marine Corps in improving our warfighting platform, the Marine Corps Enterprise Network. Working with the ethical hacker community provides us with a large return on investment to identify and mitigate current critical vulnerabilities, reduce attack surfaces, and minimize future vulnerabilities. It will make us more combat ready," said Maj.Gen. Matthew Glavy, Commander, U.S. Marine Corps Forces Cyberspace Command. U.S. Marine Corps The Hack the Marine Corps bug bounty program supports the Marine Corps' ongoing commitment to hardening its defensive posture and overall cybersecurity. In March, the Marine Corps announced the creation of a cyberspace career field that provides a professionalized, highly skilled workforce that can effectively employ cyberspace capabilities and effects. These efforts are part of the Corps' commitment to fighting and winning - in all domains. Hack the Pentagon Hack the Marine Corps is part of the Hack the Pentagon crowd-sourced security initiative with the DoD's Defense Digital Service (DDS) and HackerOne. Recognizing many of the nation's biggest companies use bug bounties to improve the security and delivery of digital services, DDS launched the federal government's first bug bounty challenge in collaboration with HackerOne in 2016. "Information security is a challenge unlike any other for our military. Our adversaries are working to exploit networks and cripple our operations without ever firing a weapon," said DDS Director Chris Lynch. "Sometimes, the best line of defense is a skilled hacker working together with our men and women in uniform to better secure our systems. We're excited to see Hack the Pentagon continue to build momentum and bring together nerds who want to make a difference and help protect our nation." Since the launch of Hack the Pentagon, more than 5,000 valid vulnerabilities have been reported in government systems. These bug bounty challenges include:
"Success in cybersecurity is about harnessing human ingenuity," said Marten Mickos, CEO at HackerOne. "There is no tool, scanner, or software that detects critical security vulnerabilities faster or more completely than hackers. The Marine Corps, one of the most secure organizations in the world, is the latest government agency to benefit from diverse hacker perspectives to protect Americans on and off the battlefield." Ethical Hacker Tapped by Pentagon to Support Bug Bounty Initiatives After winning the Hack the Air Force challenge, renowned ethical hacker Jack Cable joined DDS, the DoD agency that leads the Hack the Pentagon program, for a tour of duty. 18-year old Cable helped to support and implement the Hack the Marine Corps Challenge, lending his unique, hacker security skills and perspective towards the planning of bug bounties for the government. Ethical hackers, security researchers, engineers, and others interested in joining DDS can learn more here. Defense Digital Service The Defense Digital Service is a team of top tech talent on a tour of duty at the Pentagon to improve technology across the Department. DDS applies industry best practices to high-impact national security missions and tackles some of DoD's most complex IT challenges. Projects include reforming digital services that provide military families access to critical benefits, developing drone detection technologies, hunting adversaries on DoD networks, and redesigning training for cyber soldiers. DDS is an agency team of the U.S. Digital Service. The DDS Director reports directly to the Secretary of Defense. About HackerOne HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be exploited. More Fortune 500 and Forbes Global 1000 companies trust HackerOne than any other hacker-powered security alternative. The U.S. Department of Defense, General Motors, Google (News - Alert), Twitter, GitHub, Nintendo, Lufthansa, Panasonic Avionics, Qualcomm, Starbucks, Dropbox, Intel, the CERT Coordination Center and over 1,000 other organizations have partnered with HackerOne to resolve over 76,000 vulnerabilities and award over $32M in bug bounties. HackerOne is headquartered in San Francisco with offices in London, New York, and the Netherlands. For a comprehensive look at the industry based on the largest repository of hacker reported vulnerability data, download the The Hacker-Powered Security Report 2018.
View source version on businesswire.com: https://www.businesswire.com/news/home/20180813005420/en/ |