HackerOne has been tapped by General Service Administrations (GSA) to distribute its software as a service (SaaS) bug-reporting platform for the first time.
In January 2017, GSA supplied a solicitation for a bug bounty platform, allowing SaaS to track and manage technology transfer (TT) issues across a variety of public web applications. The triage services provided vulnerabilities and impacted monthly reports, dispersing rewards and rejection explanations.
Since then, the GSA’s bug bounty platform represents the first ethical hacking programme by a civilian agency in the US federal government, offering platform services and vulnerability coordination as a reward to ethical hackers, locating and reporting network security vulnerabilities.
Financial rewards for software bugs
Bug hunters will receive rewards from US$300 to US$5000 as an incentive to fix software issues, after SaaS providers forward the reports to active TTS components.
“The agency was edging closer to standing up its own bug bounty programme after tapping a new provider for its reporting platform,” said the Digital Services Agency, 18F.
“HackerOne would help set up bounties on several TTs public-facing web applications through its platform and will evaluate validity of the bug submissions.”
Written from source by Leah Alger