Security News > 2021 > December > DHS announces 'Hack DHS' bug bounty program for vetted researchers

DHS announces 'Hack DHS' bug bounty program for vetted researchers
2021-12-14 20:38

The Department of Homeland Security has launched a new bug bounty program dubbed "Hack DHS" that allows vetted cybersecurity researchers to find and report security vulnerabilities in external DHS systems.

"The Hack DHS program incentivizes highly skilled hackers to identify cybersecurity weaknesses in our systems before they can be exploited by bad actors. This program is one example of how the Department is partnering with the community to help protect our Nation's cybersecurity."

The new bug bounty program will use a platform developed by the Cybersecurity and Infrastructure Security Agency and will be monitored by the DHS Office of the Chief Information Officer.

Researchers who report security vulnerabilities as part of the Hack DHS program will be able to win monetary rewards of up to $5,000, depending on the flaw's severity.

The Hack DHS bug bounty program builds upon experience and practices from similar efforts across the federal government and the private sector.

DHS launched its first bug bounty pilot program two years ago, in 2019, after the SECURE Technology Act was passed into law to require the establishment of a security vulnerability disclosure policy and a bug bounty program.


News URL

https://www.bleepingcomputer.com/news/security/dhs-announces-hack-dhs-bug-bounty-program-for-vetted-researchers/