The Defense Advanced Research Projects Agency and Synack officially launched the agency's first bug-bounty effort focused on identifying vulnerabilities in the Department of Defense's hardware and firmware protocols.
DARPA said Wednesday that participants in the Finding Exploits to Thwart Tampering program will conduct ethical hacking activities on behalf of the Defense Digital Service from July to September.
The participants will work to uncover risks in the DoD's System Security Integration Through Hardware and Firmware framework through red-teaming operations.
Participants will also utilize artificial intelligence, machine learning and Synack's open-source testing tool to analyze and test SSITH for the exercise.
Keith Rebello, program manager for SSITH and FETT at DARPA, said the agency saw 500 registrants for the “Capture-the-Flag“ prequalifying event and downselected the pool to 24 participants for the Technical Assessment “˜Fast Pass' phase.
Qualifiers for the FETT program include Lockheed Martin, the University of Michigan, the Massachusetts Institute of Technology and a team that consists of SRI International and the University of Cambridge.