DOD announces new hacker initiatives

The Defense Department this month rolled out two new “white hat” hacker initiatives designed to bolster cybersecurity at the department.

Under the first initiative, which went into effect Nov. 21,  DOD now will allow security researchers to legally find and disclose to the department any vulnerabilities in DOD’s public-facing systems.

“The Vulnerability Disclosure Policy is a ‘see something, say something’ policy for the digital domain,” Defense Secretary Ash Carter said in a statement. “We want to encourage computer security researchers to help us improve our defenses. This policy gives them a legal pathway to bolster the department’s cybersecurity and ultimately the nation’s security.”

In a second initiative, DOD also announced the opening of registration for a “Hack the Army” bug bounty challenge modeled after the Defense Digital Service’s Hack the Pentagon pilot program. The department said it expects about 500 hackers to compete for cash bounties in the new hacking challenge, which will focus on websites affecting the Army’s recruiting mission.

“As secretary of the Army, the security of these foundational systems is incredibly important to me, and security is everyone's responsibility,” said Army Secretary Eric Fanning. “We need as many eyes and perspectives on our problem sets as possible and that’s especially true when it comes to securing the Army’s pipeline to future soldiers.”

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above


Edward A. Zurndorfer Certified Financial Planner
Mike Causey Columnist
Tom Fox VP for Leadership and Innovation, Partnership for Public Service
Mathew B. Tully Legal Analyst

Free E-Newsletter


I agree to this site's Privacy Policy.

Stay Connected

Latest Forum Posts

Ask the Expert

Have a question regarding your federal employee benefits or retirement?

Submit a question