The Contracting Education Academy

Contracting Academy Logo
  • Home
  • Training & Education
  • Services
  • Contact Us
You are here: Home / Archives for bug bounty

July 19, 2018 By AMK

GSA adds Login.gov to sweeping bug bounty program

The General Services Administration is inviting ethical hackers to break into the sign-on portal for citizens applying for government jobs and accessing federal programs.

The agency added Login.gov to its sweeping public bug bounty program, offering anyone who discovers a security gap within the site potentially thousands of dollars in prize money. The site offers citizens a way to access a variety of federal programs using a single username and password, and today some 7 million people go through the site to apply for federal jobs, expedite the airport security process and do business with the government.

The GSA’s Technology Transformation Service kicked off the bug bounty with cybersecurity research platform HackerOne in August, which the office said marks the first such program at a civilian agency. The initiative originally centered on Federalist, a platform agencies could use to build custom websites, but over the last year expanded to include Data.gov, Cloud.gov and now Login.gov.

Keep reading this article at: https://www.nextgov.com/cybersecurity/2018/07/gsa-adds-logingov-sweeping-bug-bounty-program/149678/

Filed Under: Government Contracting News Tagged With: bug bounty, DHS, DoD, GSA, Login.gov, State Dept.

November 29, 2016 By AMK

SecDef announces program for hackers to disclose DoD web vulnerabilities

Defense Secretary Ash Carter last week launched a process for ethical hackers to alert the Pentagon about any vulnerabilities they discover on Defense Department websites.

hack-the-pentagon-2The vulnerabilities disclosure program comes out the same day DoD launches its Hack the Army bug bounty program, which offers cash prizes for vulnerabilities hackers find in a select group of high-value websites.

The goal of both programs is to provide a clear process for internet security researchers to disclose dangerous vulnerabilities to the Pentagon without fearing they’ll be sued for violating the sites’ copyright protections or laws such as the Computer Fraud and Abuse Act.

“We want to engage with those researchers so we can fix those bugs before the bad guys have a chance to find them,” Charley Snyder, senior DOD cyber policy adviser, said during a media briefing.

Both programs are being managed in cooperation with the bug bounty organizer HackerOne. Hack the Army is the first of several bug bounty programs DOD plans to launch, Snyder said.

Keep reading this article at: http://www.nextgov.com/security/2016/11/carter-announces-program-hackers-disclose-dod-web-vulnerabilities/133305

Filed Under: Government Contracting News Tagged With: bug bounty, Computer Fraud and Abuse Act, DoD, Hack the Army, Hack the Pentagon, HackerOne, hackers

Popular Topics

abuse acquisition reform acquisition strategy acquisition training acquisition workforce Air Force Army AT&L bid protest budget budget cuts competition cybersecurity DAU DFARS DHS DoD DOJ FAR fraud GAO Georgia Tech GSA GSA Schedule GSA Schedules IG industrial base information technology innovation IT Justice Dept. Navy NDAA OFPP OMB OTA Pentagon procurement reform protest SBA sequestration small business spending technology VA
Contracting Academy Logo
75 Fifth Street, NW, Suite 300
Atlanta, GA 30308
info@ContractingAcademy.gatech.edu
Phone: 404-894-6109
Fax: 404-410-6885

RSS Twitter

Search this Website

Copyright © 2023 · Georgia Tech - Enterprise Innovation Institute