The U.S. Air Force has again joined with HackerOne to roll out the third installment of its bug bounty program nicknamed Hack the Air Force 3.0.
The program runs until Nov. 22 and is open to white hat hackers in 191 countries, making it the government’s largest bounty project to date, the Air Force said in a statement. The focus of this year’s program is on Department of Defense applications that were recently migrated to an Air Force-owned cloud environment.
As with most bug bounty programs, Hack the Air Force 3.0 will offer a minimum of $5,000 for a critical severity vulnerability with the prize money topping out at $10,000 based on the overall system impact of the revealed vulnerability.
"Hack the AF 3.0 demonstrates the Air Forces willingness to fix vulnerabilities that present critical risks to the network,” said Wanda Jones-Heath, Air Force chief information security officer.
Over the last two years all the military service branches have implemented bug bounty programs.