Request a Demo Contact Us
Press release

Department of Defense Selects Bugcrowd to ‘Hack the Pentagon’

DoD to expand ‘Hack the Pentagon’ Crowdsourced Digital Defense Program with Bugcrowd’s Crowdcontrol platform and global Crowd of trusted whitehat hackers

SAN FRANCISCO – October 24, 2018 – Bugcrowd, Bugcrowd, the #1 crowdsourced security platform, today announced that the Department of Defense (DoD) has awarded the company a contract to boost the Pentagon’s capacity to help strengthen security for sensitive, internal assets by running bug bounties and other crowdsourced security programs. As attack surfaces grow at an accelerated pace, the status quo is no longer an option. Bugcrowd helps public and private organizations around the world level the cybersecurity playing field by cost effectively harnessing the creativity of a global Crowd of trusted whitehat hackers to outsmart adversaries – something you can’t get through traditional security testing alone.

“Finding innovative ways to identify vulnerabilities and strengthen security has never been more important,” said Chris Lynch, Director of the Defense Digital Service. “When our adversaries carry out malicious attacks, they don’t hold back and aren’t afraid to be creative. Expanding our crowdsourced security work allows us to build a deeper bench of tech talent and bring more diverse perspectives to protect and defend our assets. We’re excited to see the program continue to grow and deliver value across the Department.”

The expansion of the DoD’s Hack the Pentagon program will enable the Defense Department to run continuous, year-long assessments of high-value assets. Through this model, the DoD can maintain an open dialogue with vetted security researchers and whitehat hackers throughout the development lifecycle of a system – which is particularly valuable as software and other assets across targeted DoD websites and assets are regularly updated. The DoD will continue separate efforts to build out bug bounties for public-facing websites and pursue other crowdsourced digital defense tactics.

“We are thrilled that Bugcrowd has been selected to ‘Hack the Pentagon’ to bring the scale and expertise of our worldwide elite Crowd of whitehat hackers to outsmart adversaries and strengthen our nation’s security,” said Ashish Gupta, CEO, Bugcrowd. “Bugcrowd’s proven platform and Crowd of researchers brings a wide variety of experience and technical specialization to handle the complexity of constantly changing attack surfaces that the DoD – or any organization – will face in the coming years.”

The ‘Hack the Pentagon’ program allows the DoD to run assessments on a broader range of  assets such as hardware and physical systems. Whereas security checklists may help establish a certain baseline best practices, vetted hackers simulating real and insider threats bring valuable new security perspectives to emulate, and ultimately combat adversaries and mitigate risk.

As the crowdsourced security market leader for Fortune 500 companies across industries, Bugcrowd has more experience providing managed bug bounty, vulnerability disclosure and next gen penetration testing programs than any other platform. Given the increased risk posed by an expanding attack surfaces and lack of cybersecurity resources, Bugcrowd has seen exceptional adoption of the Crowdcontrol™ platform and growth of its customer base and its Crowd of whitehat hackers. Customers report Bugcrowd’s managed bug bounty, vulnerability disclosure and next gen penetration testing programs are 7x more effective than traditional approaches to security testing. This is why leading organizations across more than 50 industry sectors and in 30 countries, including Fitbit, HP,,, Mastercard, Motorola, Square, Twilio, and more trust Bugcrowd for their crowdsourced security. This new contract with the DoD demonstrates that crowdsourced security is a force multiplier to solve real-world cybersecurity issues across the public and private sectors.

About Bugcrowd

Bugcrowd is the #1 crowdsourced security platform. More enterprise organizations trust Bugcrowd to manage their bug bounty, vulnerability disclosure, and next-gen pen test programs. By combining the largest, most experienced triage team with the most trusted hackers around the world, Bugcrowd generates better results, reduces risk through remediation advice, and empowers organizations to release secure products to market faster – with no hidden fees. Based in San Francisco, Bugcrowd is backed by Blackbird Ventures, Costanoa Ventures, Industry Ventures, Paladin Capital Group, Rally Ventures, Salesforce Ventures and Triangle Peak Partners. Bugcrowd. Outhack Them All. Learn more at