What one bug bounty platform’s FedRAMP authorization means for the industry
HackerOne beat its competitors to federal cloud services authorization, allowing it to deliver the kind of vulnerability disclosure platform sought for agencies governmentwide.
Air Force enlists ethical hackers to target maintenance system from the inside
The Air Force wanted to see just how much "damage" or "malice" hackers could do from the inside.
DOD expands Hack the Pentagon program to cover hardware, systems
DOD tapped cybersecurity firms Synack, HackerOne and Bugcrowd to provide vetted hackers for continual assessments of defense websites, hardware and physical systems.
DOT grateful for extra hands that bug bounty program provided, CIO says
The department recently joined the trend of federal bug bounty programs, which boost cybersecurity resources in ways that traditional methods probably can't.
Pentagon considers continuous bug bounties that could test sensitive, private systems
"Assets could include closed networks, software-embedded devices, proprietary source code, or other private or internal systems not generally accessible via the public Internet," a new RFI says.
Bug bounty industry, helped by federal business, is growing up fast
The industry — which basically hires and sells the services of freelance hackers who are paid to find weaknesses in systems or products — is seeing a period of rapid growth, in part because of early successes in the federal market.