Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceCybersecurity News

DoD launches “Hack U.S." bug bounty opportunity

By Security Staff
bug-bounty-freepik1170x658.jpg

Image by rudzhan via Freepik

July 5, 2022

The U.S. Department of Defense (DoD) has launched its first-ever “Hack U.S.” bug bounty program.


According to the campaign page, the DoD is experimenting with paid incentives in HackerOne’s vulnerability disclosure program (VDP) by offering a limited bounty pool that started on July 4th. The challenge is open to the global public.


From July 4th, 2022 to July 11th, 2022, High and Critical severity findings only will be eligible for a bounty on any publicly accessible information systems, web property, or data owned, operated, or controlled by DoD. The types of submissions received during this time will help inform the DoD on the feasibility of providing financial incentives for valid security issues identified across the DoD information systems on a continuous basis.


The bounty pool for the engagement is $110,000 total. $75,000 will be allocated for vulnerability submissions on a first-submitted, first-awarded basis until that pool of $75,000 is fully exhausted. $35,000 will be reserved for vulnerability awards.


While the DoD Cyber Crime Center (DC3) has been running a vulnerability disclosure program for many years, to see them “upgrade” this to a paid bug bounty program makes a lot of sense, says Casey Ellis, Founder and CTO at Bugcrowd.


Bug bounty programs have become increasingly popular among the public and private sectors alike, and they offer several different benefits, according to security experts. “It takes an army of adversaries to outsmart an army of allies, and many organizations are tapping into the community of millions of good-faith hackers around the world who are skilled, ready, and willing to help,” explains Ellis. 


Bug bounty programs are quite successful for both organizations and security researchers. “Effective bug bounty programs limit the impact of serious security vulnerabilities that could have easily left an organization’s customer base at risk. Payouts for bug reports can sometimes exceed six-figure sums, which may sound like a lot. However, the cost for an organization to remediate and recover from a zero-day vulnerability could total millions of dollars in lost revenue,” says Ray Kelly, Fellow at Synopsys Software Integrity Group.


Rick Holland, Chief Information Security Officer, Vice President Strategy at Digital Shadows, says, “Technology companies that don’t offer bug bounty programs are already behind the curve. Given that almost all companies are technology companies these days, most public-facing companies should have vulnerability disclosure or bug bounty programs.”

KEYWORDS: bug bounty cyber security risk management vulnerability management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Logical Security
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    New Security Technology
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Red laptop

Cybersecurity leaders discuss Oracle’s second recent hack

Pills spilled

More than 20,000 sensitive medical records exposed

Coding on screen

Research reveals mass scanning and exploitation campaigns

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • virus-enews

    Going Hunting: Could Bug Bounty Programs Bring Benefits to Your Enterprise?

    See More
  • SEC0918-cyber-feature-slide1_900px

    Bug Bounty Programs: An Emerging Best Practice

    See More
  • Google-bug-hunters

    Google launches bug hunters community

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing