US DoD Launches Vuln Disclosure Program for Contractor Networks

The United States Department of Defense (DoD) this week announced the launch of a new vulnerability disclosure program on HackerOne to identify vulnerabilities in Defense Industrial Base (DIB) contractor networks.

Running as a pilot, the Defense Industrial Base Vulnerability Disclosure Program (DIB-VDP) covers participating DoD contractor partners’ information systems and web properties, as well as other assets within scope, and is separate from the DoD vulnerability disclosure program that already runs on HackerOne.

As part of the DIB-VDP Pilot, DoD invites the HackerOne community to remotely test the participating DoD contractors’ assets and report on any identified vulnerabilities.

Interested researchers, however, are prohibited from doing any harm to the vulnerable systems, from accessing or exfiltrating data, from compromising the privacy or safety of DoD or the contractor, as well as from sharing any information with third parties.

“Any information submitted to the DIB-VDP under this program will be used for defensive purposes – to mitigate or remediate vulnerabilities in DoD contractor information systems, networks, or applications. This research is not contributing to offensive tools or capabilities,” the program’s policy reads.

Researchers looking to participate are encouraged to read the provided guidelines and glance over the assets that are within scope of the program, as well as over the rest of the terms and conditions of the DIB-VDP.

The DIB-VDP Pilot is a voluntary event that will run for 12 months.  


Ionut Arghire is an international correspondent for SecurityWeek.
