The program is the first of its kind where hackers were invited to take their best shot at government properties. The beta program ran from April 18 to May 12 and only certain Pentagon public-facing websites and certain vulnerabilities were in scope. Working on something like this was rewarding enough.” “It was a little sad since I reported what I found on the first day,” Dworken said.
Dworken did not earn a monetary bounty since all of his submissions were considered duplicates, but the program did pay out about $75,000, the DoD said in a statement. But the tour and meeting the secretary of defense, I’d say it was quite a day.”ĭworken was presented with a Hack the Pentagon Secretary of Defense’s Challenge Coin in a ceremony on Friday. “I’d never been to the Pentagon before, despite living in the D.C., area my whole life. “I totally enjoyed it, it was an absolutely crazy experience,” Dworken said. Last Friday, on the day the Pentagon released the first set of results from the program, Dworken was invited to tour the Pentagon and meet Secretary of Defense Ash Carter all this just five days after graduating high school from The Maret School in D.C. Dworken has quickly matured when it comes to finding flaws in software, being active in bug-bounty programs and recently participated in the Hack the Pentagon bounty program.ĭworken was one of 1,400 invited to participate in the Hack the Pentagon beta program and one of 250 who submitted bug reports (138 turned out to be bounty eligible). Fast forward two years and pose the same question Dworken and you’ll get a well-versed answer from the now white hat hacker and recent high school graduate. Ask David Dworken when he was in tenth grade what a cross-site scripting vulnerability is and you might get a strange look from the Alexandria, Va., teen.
0 kommentar(er)
