HackerOne, DOD Wrap Up Vulnerability Disclosure Pilot Program for Defense Industry

Forty-one companies took part in a pilot program the Department of Defense and HackerOne facilitated over the past 12 months to help participants identify cybersecurity weaknesses on publicly accessible systems.

Volunteers with 348 systems signed up for the Defense Industrial Base-Vulnerability Disclosure Program, and 288 security researchers at HackerOne offered 401 actionable reports to asset owners, the DOD Cyber Crime Center said Tuesday.

The Software Engineering Institute at Carnegie Mellon University conducted the feasibility study of DIB-VDP with only 20 entities.

“The pilot intended to identify if similar critical and high severity vulnerabilities existed on small to medium cleared and non-cleared DIB company assets with potential risks for critical infrastructure and U.S. supply chain,” said interim VDP Director Melissa Vice.

Alex Rice, co-founder and chief technology officer of HackerOne, urged organizations to prioritize software supply chain security and said he believes the pilot initiative demonstrates the effectiveness of vulnerability disclosure programs for federal agencies and contractors.

The Defense Counterintelligence and Security Agency supported the DIB-VDP pilot and plans to coordinate with the facilitators to examine the possibility of making the program permanent.

Written by Mary-Louise Hoffman

Mary-Louise Hoffman is a writer of news summaries about executive-level business activity in the government contracting sector. Her reports for ExecutiveBiz are focused on trends and events that drive the GovCon industry to include commercial technologies that private companies are developing for federal government use. She contributes news content to ExecutiveBiz’s sister sites GovCon Wire and ExecutiveGov.
