in , ,

Pentagon’s Vulnerability Disclosure Pilot Program Draws Interest From Defense Contractors

Defense Industrial Base Vulnerability Disclosure Program Pilot
Defense Industrial Base, Vulnerability Disclosure, Program Pilot

The Department of Defense’s Cyber Crime Center has begun a pilot program to allow hackers to share the vulnerabilities they find in systems operated by companies in the defense industrial base, Nextgov reported Monday.

DC3 collaborated with the Defense Counterintelligence and Security Agency to launch the 12-month Defense Industrial Base Vulnerability Disclosure Program Pilot in response to a recommendation from a feasibility study carried out by Carnegie Mellon University’s Software Engineering Institute.

“The program received numerous applicants,” a spokesperson for DC3 told Nextgov. “However, during this initial launch pilot, we will be moving forward with a few dozen” defense contractors.

Under the DIB-VDP Pilot, the cyber center will act as a link between companies and security researchers, validate and prioritize the vulnerability reports from more than 2,000 participating researchers and offer guidance to companies to help them remediate the identified vulnerabilities. DC3 will also have the authority to declare whether those reports are considered resolved.

The pilot program’s HackerOne page listed websites, endpoints, services and other contractor network assets that are available for research.

“As of April 2021, security researchers have identified more than 30,000 potential exploits for DoD’s systems. The expansion of vulnerability research to participating DoD contractor networks replicates the DoD’s’ success by making participating DoD contractor networks available for vulnerability research,” according to the HackerOne page.

Defense Cybersecurity ForumTo register for this virtual forum, visit the GovConWire Events page.

ExecutiveBiz Logo

Sign Up Now! ExecutiveBiz provides you with Daily Updates and News Briefings about Cybersecurity

Lt. Gen. Dennis Crall

Lt. Gen. Dennis Crall Receives 2021 Wash100 Award

Petros Mouchtaris President Perspecta Labs

Perspecta Labs to Support DOD 5G Testbed Programs; Petros Mouchtaris Quoted