“This expansion is a testament to transforming the government’s approach to security and leapfrogging the current state of technology within DOD,” said Defense Digital Service Director Brett Goldstein.
Launched in 2016, the bug bounty program previously only allowed ethical hackers to go after DOD systems with public-facing applications and websites, and was created to award talented hackers for finding security vulnerabilities within the agency before foreign hackers discover these security flaws.
“The department has always maintained the perspective that DOD websites were only the beginning as they account for a fraction of our overall attack surface,” said Kristopher Johnson, director of the DOD Cyber Crime Center.