GOVERNMENT BUSINESS

Defense Digital Service Announced the Launch of DDS’s 11th Bug Bounty Program with HackerOne

HackerOne | January 07, 2021

The Defense Digital Service (DDS) and HackerOne today announced the dispatch of DDS's 11th bug abundance program with HackerOne and the third with the U.S. Branch of the Army. Hack the Army 3.0 is a period bound, programmer controlled security test pointed toward surfacing weaknesses so they can be settled before they are abused by foes. The bug abundance program is available to both military and regular citizen members and will run from January 6, 2021 through February 17, 2021.

Bug abundance programs, similar to Hack the Army 3.0, boost security examination and announcing of genuine security weaknesses in return for money related awards for qualified weaknesses and members. These projects are an industry best practice utilized by the most full grown associations across the world. By unveiling weaknesses to security groups, regular citizen and military programmers will help the U.S. Armed force secure digital resources and guard against cyberattacks. Hack the Army is one illustration of the Army and DoD's ability to seek after imaginative and nontraditional ways to deal with guarantee the capacity and security of individuals, organizations, and information.

"Bug bounty programs are a unique and effective 'force multiplier' for safeguarding critical Army networks, systems and data, and build on the efforts of our Army and DoD security professionals," said Brig. Gen. Adam C. Volant, U.S. Army Cyber Command Director of Operations. "By 'crowdsourcing' solutions with the help of the world's best military and civilian ethical hackers, we complement our existing security measures and provide an additional means to identify and fix vulnerabilities. Hack the Army 3.0 builds upon the successes and lessons of our prior bug bounty programs."

“We are proud of our continued partnership with the Army to challenge the status quo in strengthening the security of military systems and shifting government culture by engaging ethical hackers to address vulnerabilities,” says Brett Goldstein, Director, Defense Digital Service. “We’re calling on civilian and military hackers to show us what they’ve got in this bug bounty and to help train the future force.”

Participation in the Hack the Army 3.0 bug abundance challenge is open by greeting just to regular citizen programmers and dynamic U.S. military individuals. Bug bounties might be offered to regular citizen programmers for substantial security weaknesses as indicated by the program strategy. Military and temporary worker staff are not qualified to get monetary prizes.

“We are living in a different world today than even just a year ago,” said Marten Mickos, CEO of HackerOne. “Amidst disinformation and a global health crisis, citizens are increasingly wary of how, when, and where their information is used. For years, the U.S. Department of Defense and respective military branches have successfully strengthened their cybersecurity posture and protected precious data by enlisting the help of ethical hackers on HackerOne. Years later, hacker-powered security is not only a best practice in the US military, but it is now a mandated requirement among civilian federal agencies. There is only one way to secure our connected society, together, and the U.S. Army is leading the charge with this latest challenge.”

DDS has been a harbinger in programmer fueled security testing since the time the dispatch of "Hack the Pentagon" in 2016. DDS's Hack the Pentagon group has executed 14 public bounties on outside confronting sites and applications, and ten private bounties on a scope of delicate, inside frameworks in the U.S. Branch of Defense (DoD). Instances of past private bounties incorporate coordinations frameworks, actual equipment, and faculty frameworks.

In partnership with DDS, HackerOne has launched more federal programs than any other hacker-powered security provider and is the only bug bounty platform that is FedRAMP authorized. Previous bug bounty challenges and results include: Hack the Pentagon, Hack the Army, Hack the Air Force, Hack the Air Force 2.0, Hack the Defense Travel System, Hack the Army 2.0, Hack the Air Force 3.0, Hack the Air Force 4.0, Hack the Proxy and Hack the Marine Corps. DDS also launched a Vulnerability Disclosure Program (VDP) for the DoD in 2016, which is now one of the most successful programs of its kind with hackers reporting over 20,000 security vulnerabilities to date. Hackers who become aware of any vulnerabilities can safely disclose them to the DoD at any time through this ongoing VDP with HackerOne.

About HackerOne

HackerOne empowers the world to build a safer internet. As the world’s most trusted hacker-powered security platform, HackerOne gives organizations access to the largest community of hackers on the planet. Armed with the most robust database of vulnerability trends and industry benchmarks, the hacker community mitigates cyber risk by searching, finding, and safely reporting real-world security weaknesses for organizations across all industries and attack surfaces. Customers include The U.S. Department of Defense, Dropbox, General Motors, GitHub, Goldman Sachs, Google, Hyatt, Intel, Lufthansa, Microsoft, MINDEF Singapore, Nintendo, PayPal, Slack, Starbucks, Twitter, and Verizon Media. HackerOne was ranked fifth on the Fast Company World’s Most Innovative Companies list for 2020. Headquartered in San Francisco, HackerOne has a presence in London, New York, the Netherlands, France, Singapore, and over 70 other locations across the globe.

About Defense Digital Service

The Defense Digital Service was established by the U.S. Secretary of Defense in November 2015 as a SWAT team of nerds that provides the best in modern technical knowledge designed to bolster national defense. We are primarily based in the Pentagon, but we also have satellite offices in Augusta, Georgia and co-located at the Defense Innovation Unit in Mountain View, California. Our range of talent includes world-class software developers, designers, product managers, digital experts and bureaucracy hackers from both the private sector and within government.

Spotlight

A sailor and a Marine shared the stage with their commander in chief during a Memorial Day rally on the USS Wasp.

Spotlight

A sailor and a Marine shared the stage with their commander in chief during a Memorial Day rally on the USS Wasp.

Related News

GOVERNMENT BUSINESS

Aurigo Software Achieves Amazon Web Services Government Competency Accreditation

Aurigo Software | December 09, 2022

Aurigo Software, North America's leading capital planning and construction management solution provider, today announced it has achieved Amazon Web Services (AWS) Government Competency status. Companies included on the prestigious list have demonstrated expertise in delivering technology to help government agencies meet mandates, reduce costs, drive efficiencies, and increase innovation. Aurigo's capital program management software is used by state and local government, federal agencies, and the transportation sector to plan, build, and maintain capital assets. Achieving this accreditation differentiates Aurigo as an AWS partner with deep domain knowledge and the ability to deploy solutions seamlessly through the AWS platform. The firm is one of only 36 product-led companies worldwide to make the list. "Aurigo is honored to achieve AWS Government Competency status, This is a testament to the outstanding team at Aurigo and the deep experience we have gained partnering with government agencies to deliver mission-critical software on the AWS cloud to help them plan and build modern and resilient infrastructure." -Balaji Sreenivasan, CEO and founder of Aurigo Software. AWS provides on-demand, distributed computing services to companies, non-profits, and government organizations. The firm is recognized as the market leader in providing solutions that enable scalable, flexible, and cost-effective data processing and storage in the cloud. AWS has a history of working with major government agencies to deliver technology with the highest levels of security, reliability, and performance. To support the seamless integration and deployment of these solutions, AWS established the AWS Competency Program to help government customers identify high-quality, trusted partners that have demonstrated technical proficiency and proven success in managing government workloads. Government Competency Partners provide solutions to—and have deep experience working with—public sector customers to deliver essential applications and workflows on AWS. They provide innovative, cloud-based solutions that comply with the highest AWS standards. "This designation differentiates Aurigo as the go-to, secure solution for government agencies, We look to partner with exceptional organizations like AWS to help our customers plan and build the roads, bridges, airports, and other infrastructure their communities need. Customers can be assured that Aurigo's SaaS products run on world-class cloud infrastructure with industry-leading best practices for security and availability." -Manish Sharma, Vice President, Engineering and Security at Aurigo Software. Aurigo has implemented capital program solutions for agencies such as the Utah Department of Transportation, the cities of Las Vegas, Seattle, and Houston, Portland Water Bureau, and Dallas Area Rapid Transit. The firm is the only construction technology company listed on the StateRAMP Authorized Vendor List and has been available on the Federal Risk and Authorization Management Program (FedRAMP) marketplace since 2020. About Aurigo Software: Aurigo builds software that helps build the world. Aurigo provides modern, cloud-based solutions for capital infrastructure and private owners to help plan with confidence, build with quality, and maintain their assets efficiently. With more than $300 billion of capital programs under management, Aurigo's solutions are trusted by over 300 customers in transportation, water and utilities, healthcare, higher education, and government on over 40,000 projects across North America. Aurigo helps capital program executives make better decisions based on proprietary artificial intelligence and machine learning technology. Aurigo is a privately held U.S. corporation headquartered in Austin, Texas, with global offices in Canada and India.

Read More

EMERGING TECHNOLOGY,CYBERSECURITY

IronNet Prioritized by FedRAMP Joint Authorization Board to Pursue Provisional Authority to Operate

IronNet | December 06, 2022

IronNet, Inc. (NYSE: IRNT), an innovative leader Transforming Cybersecurity Through Collective DefenseSM, announced today it has been prioritized by the United States Federal Risk and Authorization Management Program (FedRAMP) to pursue a Provisional Authority to Operate (P-ATO) from the Joint Authorization Board (JAB). FedRAMP is a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security and risk assessment for cloud technologies and federal agencies. As the primary governance and decision-making body for FedRAMP, the JAB is comprised of the Chief Information Officers from the Department of Homeland Security, General Services Administration, and Department of Defense. “Prioritization to pursue a P-ATO is an important step towards expanding the deployment of the IronNet Collective Defense platform into more federal agencies. As cyber attacks become increasingly more sophisticated, any organization that is still attempting to defend its networks alone is accepting unnecessary risk, Our unique Collective Defense platform includes advanced behavioral analytics and leverages a sophisticated expert system to reduce false positives in order to defend against global cyber attacks. We’re committed to the FedRAMP process to deliver this protection to government agencies at scale as we continue working together to strengthen our nation’s cyber defense.” -General (Ret.) Keith Alexander, CEO and Founder of IronNet. The goal of the FedRAMP program is to grow the use of secure cloud technologies in use by government agencies and enhance the framework by which the government secures and authorizes cloud technologies. IronNet is pursuing FedRAMP High certification to help protect the government’s most sensitive, unclassified data in cloud computing environments. The IronNet Collective Defense platform, powered by AWS, identifies anomalous behaviors and delivers actionable attack intelligence to all the other participants in the IronNet community. The Collective Defense platform serves as an early warning system for all participating companies and organizations, strengthening network security through correlated alerts, automated triage, and extended hunt support. About IronNet, Inc: Founded in 2014 by GEN (Ret.) Keith Alexander, IronNet, Inc. (NYSE: IRNT) is a global cybersecurity leader that is transforming how organizations secure their networks by delivering the first-ever Collective Defense platform operating at scale. Employing a number of former NSA cybersecurity operators with offensive and defensive cyber experience, IronNet integrates deep tradecraft knowledge into its industry-leading products to solve the most challenging cyber problems facing the world today.

Read More

EMERGING TECHNOLOGY, CYBERSECURITY

Viasat & Inmarsat Receive UK Government Approval for Proposed Combination Under National Security & Investment Act

Inmarsat | September 17, 2022

Viasat Inc., (NASDAQ: VSAT), a global communications company, and Inmarsat, a leading provider of global mobile satellite communications services, today announced the receipt of approval of the proposed combination of their businesses by the UK Government under the National Security & Investment Act. The Secretary of State for Business, Energy and Industrial Strategy (BEIS) has announced that the transaction does not pose a risk to the UK's national security. In March 2022, the companies committed to economic undertakings with BEIS, which underlined their pledge to strengthen and advance the UK's National Space Strategy. The economic undertakings include an expansion in the number of highly skilled jobs in key areas and a 30% increase in overall research and development spending in the UK. "The combination of Viasat and Inmarsat creates a leading global communications innovator with enhanced scale and scope to affordably, securely and reliably connect the world. The UK Government's clearance of Viasat's proposed acquisition of Inmarsat under the National Security and Investment Act is another important step forward on the road to closing the deal, and we would like to thank the UK Government for their close collaboration throughout the process. Viasat has been a trusted partner of the UK's defence and national security communities for more than a decade, including in the provision of its market-leading encryption products. The combined company, whose global international business headquarters will be situated in the UK, will build upon the strong UK relationships that Viasat and Inmarsat already enjoy and allow us to deepen our contribution to the UK's National Space Strategy." -Mark Dankberg, Executive Chairman and CEO of Viasat. Rajeev Suri, Inmarsat CEO, added: Inmarsat is proud of our decades of close work with the UK government. Today's approval brings us closer to delivering the new jobs and investment to the UK that have been committed by both Inmarsat and Viasat. Together, we will be well-positioned to compete in a robust market that has both well-funded new entrants and other industry players in the process of consolidating. About Viasat: Viasat is a global communications company that believes everyone and everything in the world can be connected. For over 35 years, Viasat has helped shape how consumers, businesses, governments and militaries around the world communicate. Today, the Company is developing the ultimate global communications network to power high-quality, secure, affordable, fast connections to impact people's lives anywhere they are—on the ground, in the air or at sea. About Inmarsat: Inmarsat delivers world leading, innovative, advanced and exceptionally reliable global, mobile communications across the world – in the air, at sea and on land - that are enabling a new generation of commercial, government and mission-critical services. Inmarsat is powering the digitalisation of the maritime industry, making operations more efficient and safer than ever before. It is driving a new era of inflight passenger services for aviation, while ensuring that aircraft can fly with maximum efficiency and safety. Furthermore, Inmarsat is enabling the rapid expansion of the Internet of Things (IoT) and enabling the next wave of world-changing technologies that will underpin the connected society and help build a sustainable future. And now Inmarsat is developing the first-of-its-kind, multi-dimensional communications network of the future, ORCHESTRA. In November 2021, Inmarsat and Viasat announced the planned combination of the two companies, to create a new leader in global communications. The deal is scheduled to close in the second half of 2022.

Read More