DARPA Launches Bug Bounty Program for Cybersecurity Enthusiasts

The Defense Advanced Research Projects Agency has launched Finding Exploits to Thwart Tampering, a new bug bounty program for ethical hackers and cybersecurity researchers. 

Officials said the program was created to find potential weaknesses in new secure processors in development on the System Security Integration Through Hardware and Firmware program, Homeland Preparedness News reported. 

“We are encouraged by the level of interest we’re seeing in our effort and the positive turnout from the cybersecurity community to help improve electronic system security for all,” said Keith Rebello, DARPA's program manager for both SSITH and FETT.

Rebello said that out of the 500 researchers who registered for Synack's open Capture-the-Flag qualifier, 24 ultimately qualified to receive the Technical Assessment "Fast Pass," which is required for access to SSITH's defenses.

The CTF qualifier is a two-week war game event that involved hackers reverse engineers and cybersecurity enthusiasts.

FETT's ultimate goal is to help SSITH researchers improve hardware defenses by any discovered weaknesses or bugs.

The participants would also analyze hardware architectures and approaches developed by research teams from the University of Cambridge and SIR International, University of Michigan, Lockheed Martin and the Massachusetts Institute of Technology. 

DARPA launched the event in partnership with Synack, a California-based computer and network security company, and the Department of Defense's Defense Digital Service. 

DDS Director Brett Goldstein said the department can elevate its cybersecurity by "embracing the researcher community."

“We have to move away from cybersecurity via obscurity and leverage the best skills available to protect our nation,” Goldstein said.

Sign Up Now! Potomac Officers Club provides you with Daily Updates and News Briefings about Future Trends

Join Us Now