Today the Air Force announced a program for sharing vulnerabilities that it will launch next month. The Air Force bug bounty program will let hackers comb several public Air Force websites for software vulnerabilities. Cash prizes are available for discovered bugs, and this new program also does something new that others of its kind don’t. Here are the details.
Air Force Bug Bounty
The Air Force bug bounty program will be the first program of its kind to allow hackers from outside of the United States to participate. Countries will include the United Kingdom, Canada, Australia and New Zealand, which also partner with the U.S. when it comes to intelligence. Members of the U.S. military can also join in, but they can’t earn rewards.
The chief information security officer of the Air Force, Peter Kim, said in a statement:
This is the first time the AF has opened up our networks to such broad scrutiny…We have malicious hackers trying to get in to our systems every day. It will be nice to have friendly hackers taking a shot and, most importantly, showing us how to improve our cybersecurity and defense posture. The additional participation from our partner nations greatly widens the variety of experience available to find additional vulnerabilities.
How To Sign Up
The program will be overseen by HackerOne, a vulnerability coordination and bug bounty platform. If you want to participate in the Air Force bug bounty program, you can register with HackerOne starting May 15. The contest will start on May 30 and ends on June 23.
Interesting that members of the U.S. Military cannot get rewards. I wonbder what the logic behind that is.