Site icon TechNewsBoy.com

Homeland Security offers $5,000 bug bounties as part of new ‘Hack DHS’ program

The US Department of Homeland Security (DHS) is offering up to $5,000 bug bounties under a new program called Hack DHS, it announced. Vetted security researchers invited by the agency will get access to select external DHS systems to identify vulnerabilities that could be exploited by bad actors. Payments will vary between $500 and $5,000 depending on the severity of the bug.

“As the federal government’s cybersecurity quarterback, DHS must lead by example and constantly seek to strengthen the security of our own systems,” said DHS Secretary Alejandro N. Mayorkas. “The Hack DHS program incentivizes highly skilled hackers to identify cybersecurity weaknesses in our systems before they can be exploited by bad actors.”

The program will roll out in three phases, with hackers first doing virtual assessments of systems. That will be followed by a live, in-person hacking event for the second phase, and in the third phase, the DHS will “identify and review lessons learned, and plan for future bug bounties,” it wrote. 

Some of the major players we haven’t seen as active as previously. That doesn’t mean that they’ve gone away, that we’ve defeated them. They very well might have hit the pause button. Vigilance has to remain at an incredibly high level.

The program will use a platform developed by the Cybersecurity and Infrastructure Security Agency (CISA) and monitored by the DHS Office of the Chief Information Officer. That department will verify any bugs within 48 hours and either fix them or develop a plan to do so within 15 days.

Private industry generally offers much higher bug bounties, with companies like Microsoft and Apple offering payouts as high as $1 million. However, Hack DHS isn’t an open bounty program so it’s limited to a smaller pool of researchers.

The DHS said that attacks against it were up fourfold in 2021 but that some of the most dangerous groups have slowed down. “Some of the major players we haven’t seen as active as previously,” Mayorkas said at Bloomberg‘s Technology Summit. “That doesn’t mean that they’ve gone away, that we’ve defeated them. They very well might have hit the pause button. Vigilance has to remain at an incredibly high level.”

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@technewsboy.com. The content will be deleted within 24 hours.
Exit mobile version