Vulnerability Management

Hack the Army bug bounty program finds 118 vulnerabilities

The U.S. Army's three-week “Hack the Army” bug bounty trial ended last week with several hundred bug reports being received.

The Army reported, according to Kaspersky Labs' ThreatPost blog, that 400 hundred bug reports were received, of which, 118 were unique and actionable. The 371 people who participated were mainly civilians, however, 17 military personnel and eight government employees also submitted reports.

The bounties totaled about $100,000.

The Army was reticent to share many details regarding the vulnerabilities that were found, but it noted two flaws were discovered on the GoArmy.com website that could be used to enter a Department of Defense website.

The Hack the Army program was modelled on an earlier trial called Hack the Pentagon, which resulted in 138 flaws being found in May.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.