Cyber Security and Information Systems Information Analysis Center
DARPA today announced that its first bug bounty program-Finding Exploits to Thwart Tampering (FETT)-has opened its virtual doors to a community of ethical hackers and cybersecurity researchers to uncover potential weaknesses within novel secure processors in development on the System Security Integration Through Hardware and Firmware (SSITH) program. DARPA Read More
Apple has awarded a bug bounty hunter $100,000 for finding and reporting a severe security issue that could lead to the takeover of third-party user accounts. Read More
One misstep from developers at Starbucks left exposed an API key that could be used by an attacker to access internal systems and manipulate the list of authorized users. Read More
By paying for the reporting of security flaws, security researchers are incentivized to spend time discovering application vulnerabilities. In just a few years bug bounty programs have evolved from obscurity to being embraced as a best practice. Read More
In an effort to strengthen the cyber defense and cyber resilience measures within information technology systems, government and industry partners are increasingly turning to ethical hackers and incorporating bug bounty programs, which offer rewards for uncovered vulnerabilities. Bug Bounty Programs are “incentivized, results-focused programs that encourage Read More
Crowdsourced security company Bugcrowd announced today that it paid over $500K ($513,333) to 237 whitehat hackers in a single week for the first time since launching its bug bounty platform more than seven years ago. Read More
On Oct. 25, Cable, who worked for the Defense Digital Service and was a freshman at Stanford University, reported a problem to the department through the Pentagon's HackerOne vulnerability disclosure page. Read More
The device manufacturer in a Thursday Black Hat USA 2019 session said it will open the historically private program to all researchers in the fall. In addition, it plans to drastically boost some rewards for vulnerabilities found in its devices - including a $1 million payout - and adding a much-wanted program for its Mac devices. Read More
The Hack the Pentagon bug bounty program that allowed citizens to test the defenses of Defense Department websites could soon see a spinoff inviting hackers to probe the Pentagon’s critical infrastructure. Read More
The event expands on the DoD 'Hack the Pentagon' bug bounty program by broadening the participation pool from U.S. citizens to include "white hat" hackers from the United Kingdom, Canada, Australia and New Zealand. Read More
