20:35 GMT +316 December 2018
Listen Live
    'Enter' key

    Pentagon Sets Guidelines for Legal Hacking of Its Cyber Resources

    Get short URL
    0 04

    The US Department of Defense (DOD) has issued guidelines for security researchers to legally hack its computer networks and submit their findings to the Pentagon, according to a statement Monday.

    WASHINGTON (Sputnik) – According to the statement, researchers are allowed to attempt to breach any public-facing website owned, operated or controlled by the department, including applications hosted on those sites.

    "The security researcher community regularly makes valuable contributions to the security of organizations and the broader Internet, and DOD recognizes that fostering a close relationship with the community will help improve our own security," the release stated.

    It added that information submitted to the Defense Department under its new vulnerability-disclosure policy “will be used for defensive purposes – to mitigate or remediate vulnerabilities in our networks or applications, or the applications of our vendors."

    The policy also sets restrictions for research, such as limiting the exploitation of a cyber vulnerability to the minimal amount of testing needed to prove a weakness exists, the release explained. No exfiltration, or secret transfer, of data is allowed under any circumstances, the policy states.


    Pentagon Confirms US Airstrike Killed Al-Qaeda Leader Al-Qatani
    Pentagon Spokesman Unaware of Claim US Gave Missiles to Syrian Democratic Forces
    Isolating Raqqa: What's Behind Pentagon Changing Its Anti-Daesh Tactic in Syria
    legal, hacking, United States
    Community standardsDiscussion
    Comment via FacebookComment via Sputnik