vulnerability disclosure

What one bug bounty platform’s FedRAMP authorization means for the industry

by • 3 months ago

HackerOne beat its competitors to federal cloud services authorization, allowing it to deliver the kind of vulnerability disclosure platform sought for agencies governmentwide.

DHS conducting market research for cloud-based vulnerability disclosure platform

by • 7 months ago

DHS wants "a software-as-a-service web application that serves as the primary point of entry for vulnerability reporters to alert the government of potential issues on federal information systems for those agencies that participate in the platform."

DHS questions vulnerability disclosure program

by • 12 months ago

Undiscovered vulnerabilities in agency information systems could be exploited by nation-states or hackers.

Bug bounty industry, helped by federal business, is growing up fast

by • 3 years ago

The industry — which basically hires and sells the services of freelance hackers who are paid to find weaknesses in systems or products — is seeing a period of rapid growth, in part because of early successes in the federal market.

GSA close to launching bug bounty

by • 4 years ago

GSA's Technology Transformation Service issued a draft solicitation through an open source GitHub project earlier this year looking for potential experienced vendors to help it establish its own bug bounty program.

TwitterFacebookLinkedInRedditGoogle Gmail