Cyber

18F is looking for crowdsourced penetration testing systems to hit login.gov

"The system is expected to be widely targeted by attackers," a GSA source sought notice says, and so 18F aims to identify pen-testers with proven ability.

By Tajha Chappellet-Lanier

July 19, 2017

The General Services Administration’s 18F digital team is making strides in developing the open-source login.gov, a single sign-on for government services, and is now looking to do some penetration testing.

GSA released a sources sought notice late last week in an attempt to “identify potential crowd sourced penetration testing providers who can support 18F’s login.gov product.”

“The system is expected to be widely targeted by attackers,” the statement of work document explains. “GSA requires Crowdsourced Security and Penetration Testing service that mimics attacks and detects the security flaws that real-world hackers use to breach the Login.gov platform.”

Potential sources should have two years of experience doing penetration testing for major tech companies and adhere to a host of other requirements. To respond to the sources sought notice, potential contractors must describe their methodology, testing timeline and expected outcomes.

The login.gov initiative kicked off in May 2016 as a follow-on to Connect.gov, GSA’s prior identity management project. It was deployed in April 2017, and in May, according to the U.S. Digital Service’s recent report to Congress, the Customs and Border Protection at the Department of Homeland Security became the first agency to use login.gov on its recruitment website.

In the past login.gov has been criticized for needlessly duplicating private sector solutions, but 18F is forging ahead.

18F is looking for crowdsourced penetration testing systems to hit login.gov

More Like This

Federal CIO calls on Congress to fund Technology Modernization Fund

DOJ ‘not aware of any’ identity theft, fraud following consultant’s data breach

GSA administrator: Generative AI tools will be ‘a giant help’ for government services

Top Stories

State Department encouraging workers to use ChatGPT

Congressional panel outlines five guardrails for AI use in House

With 2023 tax season in the rearview, IRS commissioner eyes expansion of AI capabilities

CMS’s financial office is using LLM pilot to combat loss of institutional knowledge

Top public sector takeaways from Google Cloud Next 2024

Commerce requests information about AI, open data assets, data dissemination

More Scoops

Login.gov pilot to include option for biometric verification

Ex-White House adviser to oversee cloud strategy for GSA’s Technology Transformation Services

Agency lists of ‘bad guys’ should evolve to address more sophisticated cyber threats, GSA official says

GSA to add facial recognition option to Login.gov in 2024

GSA official highlights Notify.gov, SNAP benefit betas as people-centered advancements

GSA expands Login.gov partnership with Labor Department to combat unemployment insurance fraud

GSA undertaking study to examine racial bias in facial recognition tech

Latest Podcasts

18F is looking for crowdsourced penetration testing systems to hit login.gov

AI Week 2024 has Come and Gone

Darryl Peek on Elastic’s role in enhancing public sector search and data analytics with AI and Google collaboration

Danny Werfel on How Automation has Enhanced his Agency’s Operations.

Tech

Defense

Cyber

Acquisition