USAF and HackerOne launch Hack the Air Force 3.0 programme

7 November 2018 (Last Updated November 7th, 2018 09:54)

The US Air Force (USAF) has collaborated with cybersecurity company HackerOne to launch the Hack the Air Force 3.0 (HtAF) programme.

USAF and HackerOne launch Hack the Air Force 3.0 programme
Hack the Air Force programme enables computer experts to identify and detect threats in the USAF websites. Credit: World’s Direction.

The US Air Force (USAF) has collaborated with cybersecurity company HackerOne to launch the Hack the Air Force 3.0 (HtAF) programme.

Built upon the US Department of Defense’s (DoD) ‘Hack the Pentagon’ effort, HtAF is the service’s third bug bounty programme.

The programme allows computer experts to identify and detect threats in USAF websites in order to help safeguard and strengthen its cyber platform.

Due to conclude on 22 November, the four-week HtAF 3.0 has been designed to focus on the US DoD applications that were recently migrated to an airforce-owned Cloud environment.

USAF chief information security officer Wanda Jones-Heath said: “Hack the Air Force 3.0 demonstrates the airforce’s willingness to fix vulnerabilities that present critical risks to the network.”

Currently open to 191 countries, the USAF initiative is the US Government’s largest bug bounty.

“Hack the Pentagon was launched in April 2016 by the US DoD’s Defense Digital Service team as the first bug bounty programme ever employed by the federal government.”

This year’s USAF programme offers competitive bounty awards to the participating hackers, depending on the severity of the cyber vulnerability discovered.

A critical severity threat is allocated an award of a minimum of $5,000, with potential increase based on overall system impact. To date, the largest single payout in the Hack the Pentagon public programme was valued at $10,000.

Hack the Pentagon was launched in April 2016 by the US DoD’s Defense Digital Service team as the first bug bounty programme ever employed by the federal government.

More than 1,400 hackers registered to participate in the programme.

Also, approximately 200 reports were received within the first six hours of the launch and $75,000 in total bounties was paid out to the participants.

The first pilot programme continued from 18 April until 12 May 2016.

HackerOne was selected by the DoD as its partner to advise, operate and execute the Hack the Pentagon initiative.