Vulnerability Management

USAF bug bounty program finds 207 vulnerabilities

The U.S. Air Force's first bug bounty program ended in June with bug hunters finding 207 vulnerabilities and receiving $133,400.

The Hack the Air Force program, operated by HackerOne, began on May 30 and ran through June 23 with 272 hackers taking part, HackerOne reported. The hackers only looked at several of the Air Force's public facing websites.

While the hacker's personal details were not announced, the Air Force did say the top bug finder was a 17-year-old researcher who turned in 30 valid bug reports. The bounties ranged from $100 to $5,000 depending upon their severity, HackerOne said.

The Air Force program is a spin off of the Department of Defense's Hack the Pentagon pilot program that ended in June of 2016. Since then the U.S. Army, Department of Homeland Security and Health and Human Services have all run or are considering running a bug bounty program due to their success.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.