Explore the Department of Defense's evolving security strategy in this 21-minute conference talk from USENIX Enigma 2017. Discover how the DoD transitioned from security through obscurity to more open practices, welcoming contributions from external hackers. Learn about the successful "Hack the Pentagon" and "Hack the Army" bug bounty programs, as well as the implementation of a vulnerability disclosure policy. Gain insights into the challenges faced, the progress made, and the implications for security researchers and prosecutors regarding the Computer Fraud & Abuse Act. Understand how these advancements in DoD practices can legitimize similar approaches in other sectors and provide clarity on legal boundaries in the hacking realm.
Green Sprouts - Encouraging Signs of Life from the Department of Defense's Security Strategy - Lisa Wiswell - USENIX Enigma Conference - 2017
USENIX Enigma Conference via YouTube
Overview
Syllabus
Intro
Bug Bounty Program
Hacking the Pentagon
Hacking the Army
Vulnerability Disclosure Policy
Attorney Generals Endorsement
Challenges
Communication
Open Source
Conclusion
Taught by
USENIX Enigma Conference
Related Courses
-
Coordinated Vulnerability Disclosure - You’ve Come a Long Way, Baby
-
Combining the Power of Builders and Breakers in Cybersecurity - USENIX Enigma 2018
-
From Dystopia to Opportunity - Stories from the Future of Cybersecurity
-
Hacking the Law- Are Bug Bounties a True Safe Harbor? - USENIX Enigma Conference - 2018
-
Vulnerability Disclosure Policies - Hack Responsibly
-
An Oral History of Bug Bounty Programs
