Hack the Air Force 2.0 Flies High with $12.5K Payout

The results of the Pentagon’s Hack the Air Force 2.0 bug-bounty initiative are in: White hats received $103,883 in payouts and reported 106 vulnerabilities within 20 days. The Air Force also awarded hackers the highest single bounty of any federal program to date: $12,500. Hack the Air Force 2.0 invited trusted hackers from all over the world to participate in its second bug bounty challenge in less than a year. The challenge was the most inclusive government program to date, with 26 countries invited to participate. Twenty-seven hackers from the US, Canada, UK, Sweden, Netherlands, Belgium and Latvia participated. On December 9, the first day of the challenge, 24 hackers met in New York City and participated in a live hacking event, the first ever to include federal government participation. Department of Defense and Air Force personnel were on site and worked alongside the hackers to simultaneously report security flaws and remediate them in real time. Together, they collaborated to find 55 of the 106 total vulnerabilities in nine hours.