Company
Date Published
Author
Guest Post
Word count
708
Language
English
Hacker News points
None

Summary

The U.S. Air Force collaborated with Bugcrowd, a crowdsourcing platform for cybersecurity testing, to conduct a bug bounty program as part of the Common Computing Environment (CCE) initiative. The program aimed to identify and remediate security vulnerabilities in the CCE platform, which provides an enterprise-wide cloud environment for the Air Force's cloud-hosted applications. Through Bugcrowd's engagement, security researchers found 54 vulnerabilities, including those related to access and configuration issues, which were promptly remedied and resulted in payouts of over $123,000, with a top prize of $20,000. The program showcased the value of crowdsourced security testing, focused testing, and researcher grants in strengthening the security of the CCE platform, and demonstrated the Air Force's commitment to prioritizing security in its IT operations.