Even though HackerOne invited some of the world’s elite hackers to the event, they were surprised to find the Air Force sites were not that easy to crack.

“They were impressed,” said Lt. Col. Jonathan Joshua, 24th AF deputy chief of staff. “As a vulnerability was identified, shortly thereafter, hackers would be attempting to highlight the vulnerability to another team of hackers … but the vulnerability had already been patched. They’d be trying to grab screen shots to prepare a post-day brief, but they couldn’t because the systems were already healthy.”

The non-Air Force researchers were able to receive cash rewards of up to $50,000 for each vulnerability they identified under a practice commonly used in private sector known as “Bug Bounties.” Under bounty programs, companies pay so-called “white hat” hackers a reward for pointing out holes in their security.

“Hack the Air Force allowed us to look outward and leverage the range of talent in our country and partner nations to secure our defenses,” said Peter Kim, Air Force chief information security officer. “We’re greatly expanding on the tremendous success of the first challenge by targeting approximately 300 public facing Air Force websites. The cost-benefit of this partnership in invaluable.”

For Maj. Barrett Darnell, 315th COS, the highlight of the day was the interaction between different groups participating.

“What stood out was seeing private sector, independent bounty hunters and the government all come together to find these vulnerabilities,” he said. “I was amazed at the creativity [of the researchers] with some of these issues that were found. So the best part was seeing all these resources come together to solve security problems.”

In a rapidly and perpetually evolving domain such as cyber, interacting with industry partners is essential for the Air Force to stay on top of its game.

“Our cyber warriors are in the fight every day,” said Weggeman. “Our Airmen operate within Air Force networks and employ offensive and defensive capabilities 24/7 in a highly contested environment where the adversary constantly changes tactics and techniques, creating complex vulnerabilities. Participating in the HackerOne hosted ‘hackathon’ allowed our cyber warriors to showcase their immense talent and skills while also learning and strengthening relationships with our partners in industry and other nations.”

At the close of the event, after 12 hours of hacking, participants had identified multiple vulnerabilities, protected 300 Air Force websites and forged immeasurable new partnerships.