16 mars 2023 | International, Naval
Navy will extend service life of destroyer Arleigh Burke
The first of its class warship was originally slated to retire in FY 2026 after 35 years of service.
8 août 2019 | International, Sécurité
The Air Force sends good guys in to hack its cloud
By: Andrew Eversden
The Air Force invited ethical hackers into its IT networks again this spring, allowing good guys the chance to infiltrate its enterprise-wide Air Force Common Computing Environment in search of vulnerabilities, the white hat hacking company Bugcrowd announced Aug. 6.
The bug bounty program, done in a partnership with Bugcrowd and the Air Force's CCE program office, found 54 vulnerabilities. Bug bounties work under the assumption that the customer, in this case the Air Force, will now close the loopholes the hackers found, making the system more secure.
The CCE cloud uses Amazon Web Services and Microsoft's Azure commercial cloud. The service plans to migrate more than 100 applications to that cloud environment, Bugcrowd executives said.
The largest payout from the bug bounty totaled $20,000. The event ran from March 18 to June 21 at Hanscom Air Force Base in Massachusetts.
Casey Ellis, Bugcrowd founder and CTO, said it was the first time Bugcrowd has worked with the Air Force. The Air Force has completed several other white hat hacking events with the firm HackerOne.
Ellis said that moving to the cloud from on-premise environment represents a “paradigm shift” for many organizations. Penetration testing is an important part of keeping that environment secure, he said. Bugcrowd conducted such tests in six phases: source code analysis, AWS environment testing, Azure environment testing, black box network authentication assessment, social engineering engagement and Air Force portal testing.
Bugcrowd declined to discuss how many vulnerabilities were found throughout each stage of the process.
According to a news release from the Air Force from April, the CCE currently houses 21 Air Force applications and "has room for countess more.”
The computing environment allows the Air Force to have a cloud to host its applications that reside on its Global Combat Support System, which is a centralized, cohesive enterprise resource planning system. The Air Force said in the April release that each migration costs $446,000 and that the service has spent more than $136 million on the program since 2016.
Sur le même sujet
-
-
31 juillet 2024 | International, Aérospatial
Boeing posts bigger loss as defense business struggles to turn around
-
14 avril 2022 | International, Aérospatial
Emissions monitoring campaign kicks off over the Baltic Sea using specially equipped drones
The European Maritime Safety Agency (EMSA) is a European Union agency charged with reducing the risk of maritime accidents, marine pollution from ships and the loss of human lives at sea by helping to enforce the pertinent EU legislation. It is headquartered in Lisbon.