$500 to $5,000 reward from the US government to hackers who will detect cybersecurity vulnerabilities

2 mins read
Award for hackers from the US government

$500 to $5,000 reward from the US government to hackers who will detect cybersecurity vulnerabilities

Award for hackers from the US government

The US Department of Homeland Security (DHS) is launching a Bug Bounty program, which will give thousands of dollars to hackers to help detect cybersecurity vulnerabilities in their systems.

According to CNN, US Secretary of Homeland Security Alejandro Majorkas announced that the department will pay between $500 and $5,000 depending on the severity of the vulnerability and the impact of the remediation.

In his speech at the Bloomberg Technology Summit, Majorkas said, “This is scalable money, but we find it very important. “We’re really investing a lot of money into this program, but also focusing attention,” he said.

Award for hackers from the US governmentThe minister stated that hackers who detect the most serious bugs will receive the highest rewards.

Some private companies give hackers much higher rewards for revealing vulnerabilities.

Apple awards $25,000 to $1 million, while Microsoft offers up to $200,000.

The announcement comes a day after senior officials in the administration of US President Joe Biden warned that hackers were exploiting an emerging software vulnerability.

“A vulnerability is one of the most dangerous things I’ve seen in my entire career, if not the most serious,” warned Jen Easterly, Director of the Cybersecurity and Infrastructure Agency (CISA). According to Majorkas, under the ministry’s new program, the vulnerability will be verified within 48 hours, fixed within 15 days or, if necessary, a remediation plan will be developed within a 15-day period.

When asked whether the program will continue in the next administrations, Majorkas replied, “We will continue the program as much as possible if it is useful.”

Katie Moussouris, founder and CEO of Luta Security, welcomed the move, but expressed concerns about the program’s timeline. Speaking to CNN, Moussouris said: “It’s great that the ministry is working with hackers and welcoming their findings. However, time-based bug bounty programs do not provide consistent security improvements. “It’s time for the government to mature its bug bounty programs for vulnerability and measurable security consequences.”

FİKRİKADİM

The ancient idea tries to provide the most accurate information to its readers in all the content it publishes.

Leave a Reply

Your email address will not be published.

Comment moderation is enabled. Your comment may take some time to appear.