Sign In

Communications of the ACM

ACM News

Homeland Security Offers Hackers a Bounty to Find Bugs

View as: Print Mobile App Share:
Hunting bugs.

DHS Secretary Alejandro Mayorkas said the agency would pay from $500 to $5,000 per verified vulnerability.

Credit: CISO magazine

The U.S. Department of Homeland Security announced a new program Tuesday in which the agency will pay outside hackers to find vulnerabilities in its computer systems, a type of incentive popular in the cybersecurity industry that is known as a "bug bounty." 

DHS Secretary Alejandro Mayorkas unveiled his agency's "Hack DHS" program at the Bloomberg Technology Summit. Unlike many bug bounties, which are open to anyone, DHS said in a statement that its program would include only "vetted cybersecurity researchers who have been invited to access select external DHS systems." Any vulnerabilities they find would then be fixed, and the researchers would be rewarded with financial prizes.  

"As the federal government's cybersecurity quarterback, DHS must lead by example and constantly seek to strengthen the security of our own systems," Mayorkas said in the statement.  "The Hack DHS program incentivizes highly skilled hackers to identify cybersecurity weaknesses in our systems before they can be exploited by bad actors."

From Bloomberg
View Full Article



No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account