To require the Secretary of State to design and establish a Vulnerability Disclosure Process (VDP) to improve Department of State cybersecurity and a bug bounty program to identify and report vulnerabilities of internet-facing information technology of the Department of State, and for other purposes.
Hack Your State Department Act
This bill requires the Department of State to design, establish, and make publicly known a Vulnerability Disclosure Process to improve cybersecurity. In establishing the process, the State Department must identify which information technology should be included, determine whether the process should differentiate among and specify the types of security vulnerabilities that may be targeted, and provide a readily available form and means of reporting, among other requirements.
The bill also requires the State Department to establish a bug bounty pilot program, under which an approved individual, organization, or company is temporarily authorized to identify and report vulnerabilities of internet-facing information technology of the State Department in exchange for compensation.
Received in the Senate and Read twice and referred to the Committee on Foreign Relations.
Introduced in House
Introduced in House
Referred to the House Committee on Foreign Affairs.
checking server…
Ask anything about this bill. The AI reads the full text to answer.
Enter to send · Shift+Enter for new line