Thank you for your interest in participating in HackerOne’s Department of Defense (DoD) “Hack the Pentagon” pilot - the first ever U.S. Government commercial Bug Bounty program.
This is an effort for the Government to explore new approaches to its cybersecurity challenges, and evolve to adopt the best practices used by the most successful and secure software companies in the world, the DoD can ensure U.S. systems and warfighters are as secure as possible.
The Hack the Pentagon Bug Bounty Pilot will start on Monday, April 18, 2016 and end on Thursday, May 12, 2016.
If you have information related to security vulnerabilities in the online services listed in scope below, we want to hear from you! We value the positive impact of your work and thank you in advance for your contribution. Please review all the participation and payment eligibility rules before you report a vulnerability. By participating in this pilot, you agree to be bound by all program rules.
Participation and Payment Eligibility
Individuals are eligible to participate only upon meeting ALL of the following conditions:
- You must have successfully registered as a participant through this security page.
- You must have a U.S. taxpayer identification number and a social security number or an employee identification number and the ability to complete required verification forms.
- You must be eligible to work within the U.S.; meaning you are a U.S. citizen, a noncitizen national of the U.S., a lawful permanent resident, or an alien authorized to work within the U.S.
- You must not reside in a country currently under U.S. trade sanctions.
- You must not be on the U.S. Department of the Treasury's Specially Designated Nationals list.
With the exception of United States Digital Service (USDS) personnel, who obtain the express approval of your supervisor to participate in the program as part of your official U.S. Government duties, U.S. Government employees and Active Duty military members, and current or former employees and contractors of the Defense Media Activity are not eligible to participate in this challenge. USDS personnel are ineligible to receive payment. U.S. Government contractors are eligible to participate and receive payment.
If you submit a qualifying, validated vulnerability, you may be eligible to receive an award, pending a security check. Specific information on payment eligibility will be provided upon acceptance into the program.
You may NOT participate in this challenge unless you comply with the relevant participation requirements described above.
Legal
In connection with your participation in this program you agree to comply with all applicable federal, state, and local laws. HackerOne reserves the right to change or modify the terms of this program at any time. If accepted to participate in this challenge, please check back often for any updates to this program.
Acknowledgement
By clicking “Apply Here” to participate in this Hack the Pentagon Bug Bounty Pilot challenge, you are confirming that you have read and understand, and agree to be bound by, these rules and restrictions, that you meet all eligibility requirements listed above, and that you understand that if you are not in compliance with these rules and restrictions you may be subject to civil and/or criminal liability.
Source & Credits:
https://hackerone.com/hackthepentagon
http://tek.sapo.pt/noticias/internet/artigo/estados_unidos_estao_a_procura_de_hackers_para_atacar_pentagono-46955eic.html
Comentários