Search Results for: HackerOne

DoD Awards Crowdsourced Security Contracts to Bugcrowd, HackerOne, Synack

Bugcrowd, HackerOne and Synack have received separate contracts to expand the Defense Department‘s bug bounty challenges and explore other crowdsourced methods to secure its public-facing websites. All three companies will help DoD develop additional activities for the security initiative aimed at identifying vulnerabilities in private defense systems, the department said Wednesday. The Pentagon …

Read More »

HackerOne to Help Run GSA’s New Bug Bounty Program; Marten Mickos Quoted

HackerOne has received a multiyear contract to help the General Services Administration‘s Technology Transformation Service administer a program aimed at identifying security vulnerabilities in digital assets within the agency. The award comes one year after the company completed a bug bounty and vulnerability disclosure program with GSA’s 18F organization, HackerOne said …

Read More »

DoD, HackerOne Launch 5th Bug Bounty Challenge

The Defense Department and HackerOne have opened registration for hackers who want to participate in the Pentagon’s fifth bug bounty challenge. Participants of the fifth Hack the Pentagon event will work to identify vulnerabilities in an enterprise system that supports DoD’s global operations, HackerOne said Monday. Reina Staley, chief of staff …

Read More »

HackerOne, Synack to Help Pentagon Create “Bug Bounty” Contract Vehicle

The Defense Department has chosen HackerOne and Synack to create a contract vehicle that will work to help DoD components and services launch “bug bounty” programs. DoD said Thursday the contract vehicle will facilitate efforts to standardize a crowdsourced approach to digital security through challenges designed to identify and address vulnerabilities on department-run websites. The department seeks to launch …

Read More »

Tech Firms Urge NIST to Include Vulnerability Disclosure Processes in Cybersecurity Framework

A coalition of security companies and advocacy groups has called on the National Institute of Standards and Technology to incorporate best practices on digital vulnerability disclosures into the agency’s updated Cybersecurity Framework, Nextgov reported Tuesday. Joseph Marks writes the consortium urged NIST to add a section on procedures to receive, review and respond to vulnerability reports. …

Read More »