The Defense Department's vulnerability disclosure policy lets anyone in the world report security holes they find in the DoD system without fear of prosecution.
The Defense Department’s so-called bug bounty program uncovered 500 cybersecurity holes, all of which have been plugged. Now a separate program — DoD’s vulnerability disclosure policy — may be an even bigger success. It lets anyone in the world report security holes they find in the DoD system without fear of prosecution. So far, digital good Samaritans have reported almost 3,000 bugs. Alex Rice is chief technology officer of HackerOne, the company that runs the disclosure portal for DoD, and Reina Staley is co-founder of the Defense Digital Service. They talked with Federal News Radio’s Jared Serbu about what’s next with DoD’s partnerships with white hat hackers on Federal Drive with Tom Temin.
Subscribe to Federal Drive’s daily audio interviews on iTunes or PodcastOne.
Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.