The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.
The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.
These sustained engagements are expansive and provide opportunities for DDS to champion long-term, large-scale change across the DoD.
DDS and the Defense Innovation Unit’s (DIU) Rogue Squadron team formally came together effective February 12, 2020. The Rogue Squadron team works out of DIU’s Mountain View office.
Rogue Squadron is a counter-small unmanned aerial systems (C-sUAS) group within Defense Digital Service (DDS). Rogue Squadron is composed of technical experts, laser-focused on providing cutting-edge, rapid-prototyped solutions at the speed of relevance based on real-time feedback and asks of the warfighter and partner-agencies in support of National Security.
Rogue Squadron has a strong history of equipping U.S. warfighters with the best sUAS and counter-sUAS (C-sUAS) solutions today and preparing them for future challenges. More than 200 organizations use Rogue Squadron software across the DoD and federal government, and its custom ground station tools are used in major DoD C-sUAS exercises and in-theater.
Hack the Pentagon Program
DDS established the Hack the Pentagon program in November 2016 as the Federal Government’s first-ever bug bounty program. Following best practices from the private sector, bug bounties allow independent hackers to research and disclose security vulnerabilities on DoD assets (both external-facing websites/applications and certain sensitive internal systems), sometimes in exchange for financial reward. Participants go through background checks and can be citizens of any country except Iran, North Korea, China, and Russia. The Air Force, Army, and other military departments and DoD agencies now use bug bounties or crowdsourced hacking assessments as an optimal way to harness the depth and breadth of technical talent across the globe to help secure DoD’s digital assets. When Hack the Pentagon began, limited companies were operating in the space and most focused on either private assessments or public assessments. DDS stood up two IDIQs, or Indefinite Delivery Indefinite Quantity contracts, one for private bounties and one for public bounties. Since that time, the landscape has changed, and today companies work on both public and private challenges, obviating the need for a distinction. Beginning in FY 2020, DDS consolidated these separate contracts into a single multi-award IDIQ vehicle.
In 2016 the DoD also published its first vulnerability disclosure policy (VDP), which has resulted in the DoD Cyber Crime Center (DC3) receiving over 15,705 vulnerabilities as of April 2020 from 1,624 security researchers at no cost to the DoD. Find all ongoing activity for the VDP here: https://hackerone.com/DeptOfDefense. DDS is currently engaged with OSD Policy to expand the VDP to include all DoD Information Systems to help further protect DoD assets and critical information infrastructure.