how to hire a whitehat hacker?

how to hire a whitehat hacker?

请先 登录 后评论
  • 1 Follow
  • 0 Collect 63 Check
  • User 2023-12-14 19:03:34

2 + Answer

King of kings

What you are actually looking for is not a security offensive and defensive expert, but someone who has a certain interaction with the circle and can at least speak.

Actually, it seems that you are most concerned about the black industry, so what you need is not just an ordinary white hat, but also someone with a bit of gray. So, considering the requirements... I guess... your pressure will be greater!

请先 登录 后评论
King of kings
On April 2nd, the U.S. Department of Defense announced the launch of a paid recruitment program for "white-hat hackers" to conduct test attacks on certain Pentagon websites. This initiative aims to identify and remedy security vulnerabilities.

This approach, common in the American corporate sector, uses "bug bounties" to probe the security of networks and products. However, this is the first time such a method is being employed at the federal government level.

Inspired by Silicon Valley

The project, dubbed "Hack the Pentagon," appears to be a confident move by Defense Secretary Ashton Carter. During his visit to Silicon Valley in Northern California, where he attended an annual cybersecurity conference, Carter stated, "I am confident that this innovative initiative will strengthen our digital defenses and ultimately enhance national security."

Carter mentioned that the idea of inviting "responsible hackers" to test the Department of Defense's cybersecurity came from Silicon Valley.

Historically, the Pentagon has relied on its internal "Red Teams" to test network security. However, officials note that external attacks on their network systems are relentless, with millions of attempts daily.

Carter emphasized the importance of thinking outside the Pentagon's traditional framework, acknowledging the current subpar state of the department's network security and the need to adopt effective and widely-used methods from the tech industry.

Addressing Security Concerns

The Pentagon plans to launch the project in April. Participants must be U.S. citizens and will undergo registration, background checks, and approval before being allowed to infiltrate designated systems. The websites involved in the project do not contain sensitive information or employee personal data.

According to Associated Press reports, there are still "a great deal of legal matters" to be sorted out by Pentagon officials and lawyers regarding the authorization of attacks by "white-hat hackers."

The Department of Defense will offer monetary rewards and other forms of recognition to individuals who discover vulnerabilities.

The "Hack the Pentagon" initiative is spearheaded by the Defense Digital Service, a department within the Defense Department. Established in November of the previous year by Carter, this unit recruits experts from the U.S. tech industry for short-term assignments at the Pentagon.

Chris Lynch, a former Microsoft executive and head of the Defense Digital Service, commented, "Bringing in the best talent, technology, and processes from the private sector helps us deliver comprehensive, secure solutions for the Defense Department."

Simultaneously with the announcement of the "Hack the Pentagon" project, Carter, during his visit to Silicon Valley, disclosed plans to establish the "Defense Innovation Advisory Board." Eric Schmidt, Executive Chairman of Alphabet Inc. (Google's parent company), was appointed as the chairman of this advisory board.

Pentagon spokesperson Peter Cook stated on April 2nd that the advisory board is expected to provide the latest and best practices in innovation and its application from the corporate world, enabling the Department of Defense to emulate these strategies.
请先 登录 后评论