Source: National Cyber Security – Produced By Gregory Evans
Ethical hackers found 31 vulnerabilities – one rated critical while nine got a high severity rating – during the Pentagon’s Hack the Proxy program on the HackerOne platform.
Although the Sept. 3-18 initiative was eighth
version of the bug bounty program, it was the first “focused on securing content intermediaries for publicly
accessible proxy servers owned by the government,” the Defense Department said
in a statement. Around 81 hackers participated in the program, which paid out
$33,750 to those who uncovered valid bugs. A single hacker based in the U.S.
snagged $16,000 of the bounty.
“USCYBERCOM continuously advances defensive operations. Validating capabilities, closing previously unknown vulnerabilities, and enforcing standards improve our ability to conduct multi-domain military operations,” U.S. Cyber Command’s Directorate of Operations Master Sergeant Michael Methven said in a release. “Hack the Proxy is an important approach that leverages crowd-sourced talent for an outside-in view of our vulnerabilities. At little cost, we identify and mitigate vulnerabilities more effectively, making the Department’s networks more resilient and securing our data from malicious cyber actors.”
HackerOne CEO Marten Mickos praised
the Defense Department for embracing “hacker-powered security with open arms by
consistently collaborating with hackers worldwide to help them find areas where
they can be vulnerable to attack” since 2016.
“Each initiative has not only bolstered the
DoD’s cybersecurity posture, but also served as an example of how trusting
hackers can improve defense system on an ongoing basis,” he said.
Want to read more?
Please login or register first to view this content.
Login
Register
Original Source link
The post #cybersecurity | hacker | Pentagon ‘Hack the Proxy’ program uncovers 31 vulnerabilities, one critical appeared first on National Cyber Security.