The US Department of Defense (DoD) and bug bounty platform HackerOne have launched the second ‘Hack the Army’ challenge to identify vulnerabilities in government web assets.
The four-week challenge, which is the ninth bug bounty initiative with the DoD, will run until 8 November.
Led by the Defense Digital Service, ‘Hack the Army’ encourages hackers to find vulnerabilities in more than 60 publicly accessible web assets.
The crowdsourced security testing will help enhance the security of the systems.
Department of Defense Digital Service Digital Service Expert Alex Romero said: “It is our duty to ensure our citizens are protected from cyber threats, and finding new and innovative ways to do so is vital.
“Our adversaries are determined and creative, so we must be every bit more of both. This latest HackerOne challenge allows us to continue to harden the army’s attack surfaces with the talent and diverse perspectives of HackerOne’s vetted hacker community.”
The first Hack the Army challenge involved around 400 hackers from around the world. The hackers identified 118 vulnerabilities in the bug bounty initiative.
Army Cyber Command commanding general Stephen Fogarty said: “Opening up the army’s cyber terrain to the hacker community is exactly the type of outside-the-box, partnership approach we need to take to rapidly harden and better defend our most foundational weapons system: the army network.”
Active US military members and government civilians are invited to participate in the bug bounty challenge. The initiative is also open for participation to individuals authorised by HackerOne.
HackerOne CEO Marten Mickos said: “Over the past three years, our hackers have helped the DoD find and resolve more than 10,000 vulnerabilities, and we are excited to bring this new challenge to the uniquely talented hacker army up for the task.”
