TheÂ Defense DepartmentÂ has introduced a new policy that seeks to help computer security researchers detect and disclose cyber vulnerabilities in DoD websites and a âbug bountyâ challenge that aims to authorize hackers to perform vulnerability identification in the U.S. Armyâs networks.
âThe Vulnerability Disclosure Policy is a âsee something, say somethingâ policy for the digital domain,â Defense Secretary Ashton Carter said in a statement released Monday.
âThis policy gives [computer security researchers] a legal pathway to bolster the departmentâs cybersecurity and ultimately the nationâs security,â he added.
DoD consulted the Justice Departmentâs criminal division to develop the policy.
The Pentagon also opened the registration for the âHack the Armyâ bug bounty competition, which is based on the defense digital serviceâs “Hack the Pentagon” initiative.
The department said it expects approximately 500 participants to take part in the competition and that it will provide cash incentives to security researchers who will identify cyber threats in the Armyâs and DoD’s information systems and networks.
DoD will close the registration on Nov. 28 for the Hack the Army competition that is scheduled to run from Nov. 30 to Dec. 21, according to HackerOneâs website.