Ongoing bug-bounty pilot pinpoints many vulnerabilities in DOD’s cyberspace


Through Hack U.S., the Pentagon is offering cash rewards for exposures of digital weaknesses.

DOD expands vulnerability disclosure program to contracting base in pilot


Forty-one defense contractors in the small-to-medium-size range participated in a vulnerability disclosure pilot that resulted in 1,015 reports, of which 401 were validated by system owners for remediation.

Hack the Army event yields 102 critical security gaps


The Army worked with Defense Digital Services and HackerOne on the latest bug bounty, which identified 238 overall vulnerabilities.

Laying the terms for partnerships with ethical hackers


With the backing of CISA, federal civilian agencies can lean on the expertise of ethical hackers as part of their security strategy — but first they need a VDP agreement.

Army launches ‘Hack the Army 3.0’ with more targets for cybersecurity researchers


White-hat hackers will have from mid-December to the end of January to find vulnerabilities in the army.mil domain and other areas specified by the Army.

CISA’s first shared-services offering is delayed by protest


The award of the vulnerability disclosure policy (VDP) platform contract is under protest from HackerOne.