The US Department of Homeland Security (DHS)’s first bug bounty with external researchers called “Hack DHS” helped discover 122 vulnerabilities.
DHS announced the Hack DHS bounty in December and in phase one of the program invited more than 450 “vetted security researchers” to get involved. DHS suggests the program produced solid results: 27 or about 22% of the 122 vulnerabilities participants found were deemed “critical”.
DHS offered participants between $500 and $5,000 per discovered vulnerability and in total awarded $125,600 for verified security flaws.
Read more…
Source: ZDNet