Green Sprouts - Encouraging Signs of Life from the Department of Defense's Security Strategy - Lisa Wiswell - USENIX Enigma Conference - 2017

Explore the Department of Defense's evolving security strategy in this 21-minute conference talk from USENIX Enigma 2017. Discover how the DoD transitioned from security through obscurity to more open practices, welcoming contributions from external hackers. Learn about the successful "Hack the Pentagon" and "Hack the Army" bug bounty programs, as well as the implementation of a vulnerability disclosure policy. Gain insights into the challenges faced, the progress made, and the implications for security researchers and prosecutors regarding the Computer Fraud & Abuse Act. Understand how these advancements in DoD practices can legitimize similar approaches in other sectors and provide clarity on legal boundaries in the hacking realm.

Intro
Bug Bounty Program
Hacking the Pentagon
Hacking the Army
Vulnerability Disclosure Policy
Attorney Generals Endorsement
Challenges
Communication
Open Source
Conclusion