The United States Department of Homeland Security has introduced a new bug bounty program to establish potential cybersecurity vulnerabilities and increase the department’s cybersecurity resilience.
When saying the “Hack DHS” program in a statement shared yesterday, the section reported its intention was to uncover weaknesses within just certain DHS systems so that they can be patched.
In exchange for pointing out flaws, prosperous bug hunters will acquire a cash payment. How a lot they make will be determined by a sliding scale, with the maximum bounties likely to hackers who catch the most extreme bugs.
The DHS bug bounty software is by invitation only. System contributors will be selected from a list of vetted cybersecurity scientists.
“As the federal government’s cybersecurity quarterback, DHS have to guide by case in point and consistently request to strengthen the security of our very own techniques,” said Secretary Alejandro Mayorkas.
“The Hack DHS system incentivizes extremely experienced hackers to identify cybersecurity weaknesses in our units ahead of they can be exploited by poor actors.”
Mayorkas additional that the new software is an case in point of how the DHS is partnering with the neighborhood to assistance protect America’s nationwide cybersecurity.
Hack DHS is a 3-phase application that will operate in the course of the fiscal calendar year 2022.
The DHS said: “All through section a single, hackers will conduct digital assessments on specified DHS external devices. Throughout the next phase, hackers will take part in a live, in-particular person hacking event.
“All through the 3rd and closing section, DHS will recognize and evaluate lessons acquired, and plan for upcoming bug bounties.”
The DHS is partnering with crowdsourced cybersecurity company Bugcrowd to supply the method.
Bugcrowd founder and CTO Casey Ellis commented: “We’ve been advising a selection of federal government organizations for several many years together with the DHS, and we’ll be the platform companion for this software.”
He added: “In the spirit of crowdsourcing, they have also drawn from the current encounter of jogging thriving plans inside of the US governing administration, which include from those people who’ve worked on the CISA software, and veterans of the Hack the Pentagon collection of plans.
“Superior planning is an outstanding predictor of accomplishment in this room, and they’ve unquestionably put that get the job done in.”
Some sections of this article are sourced from: