What one bug bounty platform’s FedRAMP authorization means for the industry
HackerOne beat its competitors to federal cloud services authorization, allowing it to deliver the kind of vulnerability disclosure platform sought for agencies governmentwide.
Air Force ramps up use of white-hat hackers to test its IT networks
The Air Force is ramping up its efforts to hack its own networks, going far beyond traditional bug bounties.
DIU wants annual penetration testing, and more, to secure its own IT
The Pentagon agency also seeks red teaming and cybersecurity training services to ensure its own networks comply with federal rules.
Health and Human Services IG sizes up department’s cybersecurity vulnerabilities
"[W]e have initiated a new series of audits looking for indicators of compromise on HHS and OPDIV systems to determine whether an active threat exists on HHS networks or whether there has been a past breach by threat actors," a new report says.
DOD expands industry day for contract on cybersecurity testing teams
The National Cyber Range Complex (NCRC) Event Planning, Operations, and Support event will now take place Nov. 27-28, followed by one-on-one meetings with attendees afterward.
Hurd: FITARA Scorecard, MGT Act up for discussion at IT Subcommittee hearing
The FITARA Scorecard, Hurd explained, needs to evolve.