Air Force security hackathon leads to record payout

The US Air Force’s second security hackathon has paid dividends… both for the military and the people finding holes in its defenses. HackerOne has revealed the results of the Hack the Air Force 2.0 challenge from the end of 2017, and it led to volunteers discovering 106 vulnerabilities across roughly 300 of the USAF’s public websites. Those discoveries proved costly, however. The Air Force paid out a total of $103,883, including $12,500 for one bug — the most money any federal bounty program has paid to date.

The event also set a record for speed. On the first day (December 9th), the military and 24 hackers conducted a live event where they reported and fixed flaws as they happened. It took just 9 hours to fix 55 of the potential exploits.

HackerOne is keen to tout this as a success in the larger Hack the Pentagon program. White hat hackers have found over 3,000 holes since the program kicked off in spring 2016, and it’s a definite improvement over the 207 flaws found during the original Hack the Air Force from spring 2017. With that said, this shows that there’s still a lot of room for improvement. While it’s difficult to completely remain up to date (new flaws are bound to pop up), the Air Force isn’t yet at the point where exploits are relatively rare.

Via: Defense One

Source: BusinessWire

Post Author: martin
