“[The program] has long since recognized the benefits of utilizing crowdsourced ethical hackers to add defense-in-depth protection to the DoD Information Networks,” Melissa Vice, interim director of the vulnerability disclosure program, said in a statement.
Vice added that the pilot was intended to identify whether similar critical and high-severity vulnerabilities existed for small-to-medium-cleared and non-cleared defense-industrial base companies with potential risks for critical infrastructure and the U.S. supply chain.
Which contractors were involved was not disclosed. The campaign launched in April 2021 with 14 participating companies and 141 publicly accessible assets to examine. Interest quickly ballooned; 41 companies and nearly 350 assets were eventually admitted. The results were announced May 2.
Comments are closed.