HackerOne, Synack win DOD contracts to expand bug bounty program
October 20, 2016
The Department of Defense has awarded two contracts to expand its bug bounty program across a variety of its digital assets.
David Stegon was a staff reporter for FedScoop and StateScoop from 2011-2014.
The Federal Communications Commission failed to implement appropriate information security controls in the initial components of the Enhanced Secured Network project, the Government Accountability Office said in a new report.
“Although FCC took steps to enhance its ability to control and monitor its network for security threats, weaknesses identified in the commission’s deployment of components of the ESN project as of August 2012 resulted in unnecessary risk that sensitive information could be disclosed, modified, or obtained without authorization,” GAO said.
GAO said FCC’s efforts to effectively manage the ESN project were hindered by its inconsistent implementation of procedures for estimating costs, developing and maintaining an integrated schedule, managing project risks and conducting oversight.
If not addressed, these weaknesses could pose challenges for the commission to achieve the project’s goal of improved security GAO said.
Specifically, GAO said FCC: