Hack the Pentagon | Georgia Tech Procurement Assistance Center

Pentagon is planning another bug bounty contract

May 22, 2018 By Andrew Smith

The Pentagon is considering offering a broad bug bounty contract that would accommodate a variety of different bounty models on either short-term or continuous timeframes, according to contracting documents released earlier this month.

The move comes after two years during which the Defense Department and military services have launched five high-profile bug bounties targeting the Pentagon, Air Force, Army and the department’s travel booking system.

Bug bounties are contests in which ethical hackers are offered cash rewards for finding hackable vulnerabilities in websites, apps and other software. So far, the Pentagon and military services have paid out more than $400,000 for valid bug reports.

Keep reading this article at: https://www.nextgov.com/cybersecurity/2018/05/pentagon-planning-another-bug-bounty-contract/148292/

DoD wants you to hack the Pentagon again and again

October 28, 2016 By Andrew Smith

The Defense Department plans to make Hack the Pentagon-style bug bounty challenges available in a new contract vehicle.

The department contracted HackerOne and Synack to create a contract vehicle that allows DoD components and services to launch such competitions to discover and remediate website vulnerabilities.

hack-the-pentagon

Though tech companies have long used bug-bounty programs to root out security issues, the Pentagon and the Defense Digital Service experimented with it for the first time in the spring. The numbers of Hack the Pentagon are impressive: 1,400 vetted hackers tested five websites, 138 unique vulnerabilities were found and fixed, and it cost $150,000 with about half going to pay the participants. The department said hiring a contractor for similar efforts would have cost about $1 million.

Keep reading this article at: http://www.nextgov.com/defense/2016/10/dod-wants-you-hack-pentagon-again-and-again/132539

DoD invites you (well, some of you) to “Hack the Pentagon” this month

April 7, 2016 By Andrew Smith

Last Thursday (March 31, 2016) the U.S. Department of Defense (DoD) announced the launch of a pilot bug-bounty program for the DoD’s public-facing websites. Called “Hack the Pentagon,” the bounty program will be managed by HackerOne, the disclosure-as-a-service company founded by Alex Rice and Michiel Prins.

Since Hack the Pentagon is a pilot, its budget and duration are fairly modest by DoD standards. The Pentagon has budgeted $150,000 for the month-long bug hunt, which will begin on Monday, April 18 and end by Thursday, May 12. Payouts for accepted bugs will come from HackerOne and will be doled out by June 10.

Pentagon Press Secretary Peter Cook did not specify which DoD sites would be considered fair game for Hack the Pentagon. “The program will target several DoD public websites which will be identified to the participants as the beginning of the challenge approaches,” he said. “Critical, mission-facing computer systems will not be involved in the program.”

The program is not open to everyone. HackerOne’s page sets out the conditions for those eligible for participation.

Keep reading this article at: http://arstechnica.com/security/2016/04/dod-invites-you-well-some-of-you-to-hack-the-pentagon-this-month/

Pentagon is planning another bug bounty contract

DoD wants you to hack the Pentagon again and again

DoD invites you (well, some of you) to “Hack the Pentagon” this month

Contracting News

Federal contractor indicted for stealing over $1.2 million from the U.S. Postal Service

CMMC announces new advisory council to collect industry feedback

EEOC announces April 26 opening date for the collection of 2019 and 2020 EEO-1 component 1 data

Contractors line up to rebuild MARTA’s Five Points Station

GDOT announces $828.8 million in projects to transform Ga. 316

Contracting Tips

A whole new marketplace: GSA’s “commercial platforms” initiative

CRS Reports: Mentor-Protégé programs and small business size standards

CRS Report: Small businesses and COVID-19, relief and assistance resources

How do I find out what the government is buying?

Past performance isn’t always a required evaluation factor, says GAO

GTPAC News

SBA hosting “Contract Bonds and Surety Bond Guarantee” webinar April 20th

GSA hosting “Getting on the GSA Schedule” webinar April 13th

NIH hosting 2021 small business program conference April 26-30th

Defense Counterintelligence and Security Agency hosting industry day and matchmaking May 6th and 20th

Missile Defense Agency hosting virtual conference May 11-13th

Georgia Tech News

Georgia Tech creates new Office of Corporate Engagement

Delta Jacket wins 2021 Georgia Tech InVenture prize

Future of 5G is under the microscope at Georgia incubator

Collective worm and robot “blobs” protect individuals, swarm together

The Partnership for Inclusive Innovation is now accepting applications for pilot programs