Pentagon bounty program swats 100 security bugs

Pentagon bounty program swats 100 security bugs
© Getty Images

Hackers called upon to help the Pentagon have found 100 vulnerabilities in Department of Defense systems.

In what is known as a bug bounty, Defense officials invited vetted security researchers to “Hack the Pentagon” and report back any soft spots they found in exchange for cash prizes. The program has paid out $15,000, split among 1,400 participating hackers, since its March launch — a bargain compared to other methods of security research. 


“They are helping us to be more secure at a fraction of the cost,” Defense Secretary Ash Carter said Friday at the Defense One conference in Washington, D.C., according to RT. 

Sensitive systems were out of bounds for the bounty program, and all participants were required to pass a background check. 

Bug bounties are commonplace in the private sector, spawning an industry companies contracted to professionally manage the programs. The Pentagon used one of these companies — HackerOne — to run their bounty program.

Hack the Pentagon ran from April 18 until May 12. It was the U.S. government’s first commercial bounty program.