HackerOne Archives

Treasury Secretary Scott Bessent testifies during a Senate Finance Committee hearing at the Dirksen Senate Office building in Washington, D.C., on June 3, 2026. (Photo by Nathan Posner/Anadolu via Getty Images)

Treasury’s Bessent backs Trump’s AI order, voluntary cyber callout

The secretary told Sen. Mark Warner that the executive order “strikes a very good balance between innovation and safety,” and disputed that the EO was scaled back…

Jun 3, 2026 By Matt Bracken

CISA, DHS, Department of Homeland Security, RSA 2019 — The DHS and CISA booth at the 2019 RSA conference in San Francisco. (Scoop News Group photo)

CISA still working with some agencies to fully follow federal vulnerability disclosure policy rules

A small number of federal agencies are still working with CISA on fully following rules concerning vulnerability disclosure requirements.

Aug 31, 2023 By Rebecca Heilweil

Ongoing bug-bounty pilot pinpoints many vulnerabilities in DOD’s cyberspace

Through Hack U.S., the Pentagon is offering cash rewards for exposures of digital weaknesses.

Jul 8, 2022 By Brandi Vincent

DOD expands vulnerability disclosure program to contracting base in pilot

Forty-one defense contractors in the small-to-medium-size range participated in a vulnerability disclosure pilot that resulted in 1,015 reports, of which 401 were validated by system owners for…

May 2, 2022 By Billy Mitchell

Hack the Army event yields 102 critical security gaps

The Army worked with Defense Digital Services and HackerOne on the latest bug bounty, which identified 238 overall vulnerabilities.

Jun 10, 2021 By Jackson Barnett

Laying the terms for partnerships with ethical hackers

With the backing of CISA, federal civilian agencies can lean on the expertise of ethical hackers as part of their security strategy — but first they need…

Dec 7, 2020 By FedScoop Staff

A soldier assigned to 1st Stryker Brigade Combat Team, 4th Infantry Division, takes the Automated Neuropsychological Assessment Metrics as part of the 1st SBCT’s Emergency Deployment Readiness Exercise (EDRE) at Fort Carson, Colorado, July 18, 2020. (U.S. Army / Capt. Daniel Parker)

Army launches ‘Hack the Army 3.0’ with more targets for cybersecurity researchers

White-hat hackers will have from mid-December to the end of January to find vulnerabilities in the army.mil domain and other areas specified by the Army.

Nov 9, 2020 By Jackson Barnett

cybersecurity incident, bug, vulnerability, malware — (Getty Images)

CISA’s first shared-services offering is delayed by protest

The award of the vulnerability disclosure policy (VDP) platform contract is under protest from HackerOne.

Nov 2, 2020 By Dave Nyczepir

What one bug bounty platform’s FedRAMP authorization means for the industry

HackerOne beat its competitors to federal cloud services authorization, allowing it to deliver the kind of vulnerability disclosure platform sought for agencies governmentwide.

May 26, 2020 By Dave Nyczepir

coder, developer, programmer, hacker, devops, devsecops, hacking, bug bounty — (Getty Images)

Hack the Army 2.0 brings 146 new security vulnerabilities to light

More than 50 white-hat hackers from six countries participated in this second edition of the Army bug bounty program.

Jan 15, 2020 By Tajha Chappellet-Lanier