DDS solves priority critical cybersecurity challenges for the Department of Defense.

DDS run Bug Bounties are time-boxed assessments where monetary rewards are given to security researchers/ethical hackers in exchange for reporting bugs or vulnerabilities in systems. Some of our past DoD business partners/asset owners have included the U.S. Army, U.S. Navy, U.S. Air Force, U.S. Marine Corps, DoD agencies and offices, and the Pentagon itself.

Image of Skull meant to represent danger

Our DoD business partners/asset owners choose us because we increase their resistance to attack by mobilizing or tapping into the world’s top security researchers to identify vulnerabilities on their behalf.

We Test DoD Websites, Apps, Public Facing Assets, And More

Questions? The 1 Pager Has Answers

Explore The Bounty Playbook To Learn About The Bounty Process

Download The Bug Bounty Checklist

Info For DoD Partners

Info For Vendors

Info For Security Researchers

Note: we do not work directly with security researchers. To work with us, sign-up with a vendor in the crowdsourced vulnerability area*. Some US vendors we work with include: Bug Crowd, HackerOne, and Synack.

*DDS/CDAO do not have any involvement in this process and vendor listings may change at any time and do not reflect endorsement by the Department of Defense or the United States Government.

Defense Digital Service, Hack The Pentagon, and the Chief Digital and Artificial Office Logos

To learn more about Defense Digital Service or the Chief Digital and Artificial Intelligence Office
visit: DDS.mil or AI.mil