Brenda Marie Rivers
The Defense Advanced Research Projects Agency has teamed up with Synack in a cybersecurity effort aimed at identifying and addressing hardware vulnerabilities such as data leakage and buffer errors.
DARPA said Monday it seeks ethical hackers and technical professionals who can apply machine learning, artificial intelligence and other new technology approaches to the bug bounty program, dubbed Finding Exploits to Thwart Tampering.
The initiative will involve accessing the Department of Defense's System Security Integration Through Hardware and Firmware protocols that were developed by researchers from Lockheed Martin, SRI International, University of Cambridge, the Massachusetts Institute of Technology and University of Michigan.
The agency noted it will also allow participants to use systems based on Amazon Web Services' cloud technology to support FETT red-teaming activities.
Potential SSITH vulnerabilities will be assessed in accordance with security specifications established by Mitre and the National Institute of Standards and Technology.
“The goal with this demonstrator, as well as the other application systems, is to show how SSITH technologies could help protect critical infrastructure, and potentially prevent the erosion of trust in things like our election process or healthcare systems,†said Keith Rebello, program manager for SSITH and FETT at DARPA.
Synack is scheduled to hold a "Capture-the-Flag" qualifying event from June 15 to 19.
The hacker bounty effort will kick off next month and continue through September.
