The US Department of Defense (DoD) is to invite external hackers to conduct vulnerability identification and analysis on the department’s applications, websites, and networks as part of the ‘Hack the Pentagon’ initiative.
Modelled after similar competitions conducted by the nation’s biggest companies, the initiative aims to improve the security and delivery of networks, and digital services of the federal government.
US Defense Secretary Ash Carter said: "I am always challenging our people to think outside the five-sided box that is the Pentagon. Inviting responsible hackers to test our cybersecurity certainly meets that test.
"I am confident this innovative initiative will strengthen our digital defences and ultimately enhance our national security."
Led by DoD’s Defense Digital Service (DDS), the DoD will leverage commercial sector crowdsourcing to allow qualified participants to test the department’s cyber security.
Prior to the programme, participants will register and submit to a background check, followed by controlled testing on a predetermined department system.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataHowever, the DoD’s critical and mission-facing systems will not be part of the bug bounty pilot programme.
DDS director and technology entrepreneur Chris Lynch said: "Bringing in the best talent, technology and processes from the private sector not only helps us deliver comprehensive, more secure solutions to the DoD, but it also helps us better protect our country."
The programme is the first in a series intended to test and find flaws in DoD’s public web pages.