Retour aux nouvelles

8 août 2019 | International, Sécurité

The Air Force sends good guys in to hack its cloud

By: Andrew Eversden

The Air Force invited ethical hackers into its IT networks again this spring, allowing good guys the chance to infiltrate its enterprise-wide Air Force Common Computing Environment in search of vulnerabilities, the white hat hacking company Bugcrowd announced Aug. 6.

The bug bounty program, done in a partnership with Bugcrowd and the Air Force's CCE program office, found 54 vulnerabilities. Bug bounties work under the assumption that the customer, in this case the Air Force, will now close the loopholes the hackers found, making the system more secure.

The CCE cloud uses Amazon Web Services and Microsoft's Azure commercial cloud. The service plans to migrate more than 100 applications to that cloud environment, Bugcrowd executives said.

The largest payout from the bug bounty totaled $20,000. The event ran from March 18 to June 21 at Hanscom Air Force Base in Massachusetts.

Casey Ellis, Bugcrowd founder and CTO, said it was the first time Bugcrowd has worked with the Air Force. The Air Force has completed several other white hat hacking events with the firm HackerOne.

Ellis said that moving to the cloud from on-premise environment represents a “paradigm shift” for many organizations. Penetration testing is an important part of keeping that environment secure, he said. Bugcrowd conducted such tests in six phases: source code analysis, AWS environment testing, Azure environment testing, black box network authentication assessment, social engineering engagement and Air Force portal testing.

Bugcrowd declined to discuss how many vulnerabilities were found throughout each stage of the process.

According to a news release from the Air Force from April, the CCE currently houses 21 Air Force applications and "has room for countess more.”

The computing environment allows the Air Force to have a cloud to host its applications that reside on its Global Combat Support System, which is a centralized, cohesive enterprise resource planning system. The Air Force said in the April release that each migration costs $446,000 and that the service has spent more than $136 million on the program since 2016.

https://www.fifthdomain.com/dod/air-force/2019/08/06/the-air-force-sends-good-guys-in-to-hack-its-cloud/

Sur le même sujet

  • Les dépenses de défense des pays de l'OTAN (2014-2024)

    17 juin 2024 | International, Autre défense

    Les dépenses de défense des pays de l'OTAN (2014-2024)

    L'OTAN recueille des données sur les dépenses de défense des Alliés et les publie régulièrement. Le ministère de la Défense de chaque pays membre communique les données relatives aux dépenses de défense actuelles et futures selon une définition agréée des dépenses de défense. Ces montants représentent les paiements qu’un État a réellement effectués ou devra effectuer au cours de l'exercice pour satisfaire les besoins de ses forces armées, de celles d’autres Alliés ou de l’Alliance. Dans les graphiques et tableaux qui suivent, l'OTAN recourt également à des informations économiques et démographiques mises à disposition par la direction générale des affaires économiques et financières de la Commission européenne ainsi que par l'Organisation de coopération et de développement économiques. https://www.nato.int/cps/en/natohq/news_226465.htm?selectedLocale=fr

  • Navy and Marine Corps are dropping some money on barrier-penetrating 5.56 mm ammo

    29 novembre 2018 | International, Naval, Terrestre

    Navy and Marine Corps are dropping some money on barrier-penetrating 5.56 mm ammo

    By: Shawn Snow The U.S. military has long complained about the penetration capabilities of 5.56 mm ammunition, and now the Navy and the Corps are looking to remedy the issue with a new barrier-penetrating 5.56 round. On Nov. 20, the DoD announced a $41,181,315 contract award to Federal Cartridge Co. for 5.56 ammunition that can defeat some barriers like auto windshields and doors. UPI reported that the new round, known as the MK 318 MOD 0 round, was tested by the Corps following complaints about the standard 5.56 ammunition. Before lawmakers in March, Army Chief of Staff Gen. Mark Milley complained that the standard 5.56 mm round had trouble penetrating some forms of body armor. “The 5.56 round, we recognize there is a type of body armor it does not penetrate, and adversarial states are selling that stuff on the Internet for about 250 bucks,” Milley said. https://www.marinecorpstimes.com/news/your-marine-corps/2018/11/28/the-navy-and-marine-corps-are-dropping-some-money-on-barrier-penetrating-556-mm-ammo

  • L3Harris, Leidos collaborate on US Army’s ATHENA reconnaissance jet

    26 juillet 2023 | International, Aérospatial, Sécurité, Autre défense

    L3Harris, Leidos collaborate on US Army’s ATHENA reconnaissance jet

    The companies plan to fit Bombardier Global 6500 jets with radar, electronic and communications intelligence equipment tailored to ATHENA rules.

Toutes les nouvelles