Network Security, Vulnerability Management

DTS bug bounty challenge yields 100 vulnerabilities

Hackers filed more than 100 security vulnerability reports during the 29-day Hack the DTS (Defense Travel System) bug bounty initiative and amassed nearly $80,000 for their efforts.

“DTS is relied on by DoD travelers. More than 9,500 sites operate worldwide, and the security of these systems is mission-critical,” Jack Messer, project lead at Defense Manpower Data Center (DMDC), said in a release. “The ‘Hack the DTS' challenge helped uncover vulnerabilities we wouldn't have found otherwise, complementing the great work DMDC is already doing to protect critical enterprise systems and the people those systems serve.”

The DTS challenge, which allowed the use of social engineering, is part of the Defense Department's Hack the Pentagon bug bounty program on the HackerOne platform. The initiative saw 19 hackers report vulnerabilities – 28 of which had critical or high severity ratings. The highest bounty awarded was $5,000, with eight individual hackers reaping that pay out.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.