An official website of the United States government

Here's how you know

Official websites use .mil

A .mil website belongs to an official U.S. Department of Defense organization in the United States.

Secure .mil websites use HTTPS

A lock () or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

Department of Defense Cyber Crime Center (DC3) - In the News

Vulnerability Disclosure - Communications

Vulnerability Disclosure News

2024

Pentagon Received Over 50,000 Vulnerability Reports Since 2016

Vulnerability Disclosure News - Archives

2023

Pentagon’s vulnerability disclosure program developing expansion plans to cover more contractors – Federal News Network

Here’s one statistic that shows how bad the cybersecurity problem really is – Federal News Network

How the Pentagon learned to love vulnerability disclosure – The Record

2022

Pentagon bug bounty program turns up nearly 350 vulnerabilities – The Record

DoD pays out $75K for vulnerabilities discovered by white hat hackers – DefenseScoop

DoD expands vulnerability disclosure program to contracting base in pilot – FEDSCOOP

Pentagon contractors go looking for software flaws as foreign hacking threats loom – CNN Politics

How the Pentagon enlisted ethical hackers amid the Log4j crisis – The Record

Blockchains: Breaking the Chain – The SCIF

2021

DOD Expands Hacker Program to All Publicly Accessible Defense Information Systems – Defense.gov

New DoD vulnerability effort launched – Politico

Lifecycle of a Vulnerability Overview (Part 1) – The SCIF

Lifecycle of a Vulnerability Overview (Part 2) – The SCIF

DoD to Try Out It's Vulnerability Disclosure Program with Contractors – Nextgov

Skilled hackers with good intentions – Federal News Network

Foreign Cyber Operations: Ryuk Ransomware Group – The SCIF

Critical Facilities and Services Disrupted/Degraded by Foreign Cyber Actors – The SCIF

2020

Bug hunter finds cryptocurrency-mining botnet on DoD network – ZDNet

Calling All Hackers: We Want To Work With You – DC3

Who Wants to Work With a Hacker – U.S. DEPARTMENT OF DEFENSE Blog

Who Wants to Work With a Hacker? – DC3

Ethical hackers submitted more bugs to the Pentagon than ever last year – Cyberscoop

Ethical hackers swarm Pentagon websites – Naked Security

Sen Warner Letter – U.S. SENATE

Sen. Warner Says DoD Must Strengthen Cyber Vulnerability Disclosure Programs – MeriTalk

2019

DoD Recognizes Cyber, Information Technology Achievements – Defense Department News

How one teenager took out a secure Pentagon file sharing site – fifthdomain

HackerOne Congratulates the Department of Defense on 11K Vulnerability Reports – HackerOne

VDP Selected for 2019 DoD Chief Information Officer Award – DC3

U.S. Department of Defense VDP Wins Prestigious 2019 DoD Chief Information Officer Award – HackerOne

Yarbrough Wingate Article_Nov2019 – Wingate.edu

The Latest

Vulnerability Disclosure Podcasts

2021

Pentagon’s vulnerability disclosure program developing expansion plans to cover more contractors

Meet DoD's Vulnerability Disclosure Program (VDP)_DIB Tech Talk

DoD Cyber: A Conversation with Melissa Vice, COO for DoD’s Vulnerability Disclosure Program_Wiley Connected

Vulnerability Disclosure Content Subscriptions

Vulnerability Disclosure Communications Email Updates

To sign up for content or update your subscriber preferences, please enter your contact information below.

Email Address