Home > Blog > Announcing Hack the Army 3.0 Results: A Conversation with Defense Digital Service, U.S. Army, and Hack the Army 3.0’s Top Hacker

 |  HackerOne

Five years after the Defense Digital Service (DDS) launched the first-ever U.S. federal government bug bounty Challenge, we’re pleased to announce the results of Hack the Army 3.0, the third Challenge between DDS and the U.S. Army, and the 11th overall DDS bug bounty Challenge in partnership with HackerOne.

Hack the Army 3.0 kicked off in January 2021 and ran for six weeks. With a total of 11 assets in scope, we saw 40 unique, top-tier security researchers from both military and civilian backgrounds focus their efforts on identifying vulnerabilities within DDS/Army’s wide range of scope in two applications. At the end of the engagement, security researchers had identified 238 vulnerabilities, of which 102 vulnerabilities were rated high or critical and designated for immediate remediation. Over $150,000 was awarded to eligible civilian hackers in bounties during Hack the Army 3.0.