General Services Administration Readies $300 to $5,000 “Bug Bounty” Program


Photo Credit: Nguyen Hung Vu via Flickr

“FIFTH DOMAIN CYBER”

“The GSA’s bug bounty platform would represent the first use of an ethical hacking program by a civilian agency in the federal government.

Bug bounty programs have been gaining steam in the federal government after the Department of Defense’s successful “Hack the Pentagon” and “Hack the Army” exercises in 2016.

The General Services Administration’s innovation arm, 18F, said the agency was edging closer to standing up its own bug bounty program after tapping a new provider for its reporting platform.

18F officials said in a May 11 blog post that GSA’s Technology Transformation Service had tapped HackerOne to provide its Software-as-a-Service bug-reporting platform.

The San Francisco-based company offers vulnerability coordination and platform services to reward ethical hackers to locate and report network security vulnerabilities.

GSA issued a solicitation for a bug bounty platform in January, calling for a SaaS to “allow TTS to manage and track issues across multiple public web applications, triage services for those reported vulnerabilities, disburse rewards for effective vulnerabilities and explain the reasons behind rejections,” and provide vulnerability, impact and monthly report services.

18F officials said that HackerOne would help set up bounties on “several TTS public-facing web applications” through its platform and will assess validity of the bug submissions.

The SaaS provider will then forward on the reports to active TTS components to correct the issues and the bug hunters will receive payouts running between $300 and $5,000.

Once the platform is in place, TTS officials said they would look to extend it to most of its component websites and applications.”

http://fifthdomain.com/2017/05/12/gsa-readies-the-first-civilian-bug-bounty-program-with-new-platform/

 
