Program to focus on Air Force-owned cloud environment apps

Nov 6, 2018 23:26 GMT

The U.S. Air Force has announced the Hack the Air Force 3.0 bug bounty program, organized in collaboration with HackerOne, to take place from October 19 to November 5.

"Up to 600 eligible applicants will be invited to participate in the challenge. Invitations will be issued to eligible participants during the challenge at regular intervals," according to HackerOne.

All Hack the Air Force bug bounty participants are able to uncover Air Force website vulnerabilities, helping the U.S. Department of the Air Force to boost and strengthen its cyber posture.

This third installment allows security experts enrolled in the four-week-long program to find security issues in the "DoD applications that were recently migrated to an Air Force-owned cloud environment."

"Hack the AF 3.0 demonstrates the Air Force's willingness to fix vulnerabilities that present critical risks to the network," according to Wanda Jones-Heath, chief information security officer of the Air Force.

As detailed in the press release published by the Secretary of the Air Force Public Affairs, Hack the Air Force 3.0 will offer computer experts monetary awards related to the severity of the bugs they uncover.

More than 1,400 security researchers have enrolled in the bug bounty since its debut in 2016

The awards can net a minimum of $5,000 for a critical vulnerability found by enrolled security researchers, with increased payouts if the bug impacts a larger area of the analyzed DoD systems.

The DoD also runs other bug bounty programs, with the Hack the Marine Corps netting participants roughly $150,000 for 150 vulnerabilities found and the Hack the Air Force having netted $130,000 for more than 200 security issues discovered during the program.

"The program’s initiative was launched by the Defense Digital Service in April 2016 as the first bug bounty program employed by the federal government," says USAF's press release.

Furthermore, "More than 1,400 hackers registered to participate in the program. Nearly 200 reports were received within the first six hours of its launch and $75,000 in total bounties were paid out to participating hackers."