New Project: Agency Readiness for Bug Bounty Programs

Join the Aspen Policy Academy mailing list to learn more about us and our fellows (you’ll receive one email a week).

{"action":"swipe","clientId":"ac5a79b3-027f-4735-ad6e-8ed9a01adc94","controls":["submits"],"property":"newsletter","recipients":"","receipts":"","rules":[],"subject":""}

{"type":"email","format":[{"label":"month"},{"label":"day"},{"label":"year"},{"label":"hour"},{"label":"minute"}],"filetypes":[],"options":[],"title":"Email Address","description":" ","placeholder":"","helper":false,"abilities":["required"],"beacons":[],"preset":"","identifier":"email_address","evaluate":[],"minimum":0,"maximum":200,"expression":"^[a-zA-Z0-9.]{2,}@[a-zA-Z0-9]{3,}\\.[A-Za-z]{2,}$","count":1}

Email Address

{"type":"input","format":[{"label":"month"},{"label":"day"},{"label":"year"},{"label":"hour"},{"label":"minute"}],"filetypes":[],"options":[],"title":"First Name","description":" ","placeholder":"","helper":false,"abilities":["required"],"beacons":[],"preset":"","identifier":"first_name","evaluate":[],"minimum":0,"maximum":200,"expression":"(.|\\n){1,}?","count":1}

First Name

{"type":"input","format":[{"label":"month"},{"label":"day"},{"label":"year"},{"label":"hour"},{"label":"minute"}],"filetypes":[],"options":[],"title":"Last Name","description":" ","placeholder":"","helper":false,"abilities":[],"beacons":[],"preset":"","identifier":"last_name","evaluate":[],"minimum":0,"maximum":200,"expression":"(.|\\n){1,}?","count":1}

Last Name

{"type":"check","format":[{"label":"month"},{"label":"day"},{"label":"year"},{"label":"hour"},{"label":"minute"}],"filetypes":[],"options":[{"label":"I want to learn how to change policy"},{"label":"I am a journalist"}],"title":"Focus","description":"Description of field","placeholder":"","helper":false,"abilities":["multiple"],"beacons":[],"preset":[],"identifier":256591134,"evaluate":[],"minimum":0,"maximum":200,"expression":"(.|\\n){1,}?","count":1}

Focus

Description of field

{"type":"check","format":[{"label":"month"},{"label":"day"},{"label":"year"},{"label":"hour"},{"label":"minute"}],"filetypes":[],"options":[{"label":"Washington DC area"},{"label":"New York City area"},{"label":"San Francisco Bay area"},{"label":"Los Angeles area"},{"label":"I'm in another location"}],"title":"Select your location","description":"Description of field","placeholder":"","helper":false,"abilities":[],"beacons":[],"preset":[],"identifier":660813820,"evaluate":[],"minimum":0,"maximum":200,"expression":"(.|\\n){1,}?","count":1}

Select your location

Description of field

By submitting this form, I agree that the Aspen Institute can collect, process, and retain limited personal information for administrative purposes; and that the Institute can share this limited personal information with its trusted service providers for program administration purposes. I consent to receiving email communications from the Aspen Policy Academy. I understand I can withdraw my consent at any time by contacting DataPrivacyLegal@aspeninstitute.org.

I agree to the Aspen Institute’s Terms of Use Agreement and acknowledge that I have read and understand the Aspen Institute Privacy Policy which provides additional information about how the Institute processes personal information, as well as rights I may have regarding the personal information the Institute maintains about me.

Thank you for signing up! Keep an eye on your inbox for our next weekly newsletter!

{"abilities":[],"action":"stack","className":"","columns":3,"controls":[],"exclude":[],"include":[{"custom.menu":"header-menu"}],"maximum":6,"property":"header","orders":["date","title","menu_order","post_type","post__in"]}

{"abilities":[],"action":"stack","className":"","columns":3,"controls":[],"exclude":[],"include":[{"custom.menu":"header-menu"}],"maximum":6,"property":"mobile","orders":["date","title","menu_order","post_type","post__in"]}

New Project: Agency Readiness for Bug Bounty Programs

Article Published November 17, 2022

We are pleased to share an exciting new project from our inaugural Tech Policy Primer cohort. The project, focused on ‘Agency Readiness for Bug Bounty Programs,’ proposes guidelines for the Cybersecurity and Infrastructure Security Agency (CISA) to scale the use of Bug Bounty Programs (BBPs) across government. The outputs include a BBPs 101 information sheet, a BBP readiness score guide and scorecard, and a BBP Survey Tool demo video.

Agency Readiness for Bug Bounty Programs

by Ahmed Amer, Di Cooke, Rob Lever, and Julia Pan

BBPs are an efficient and cost-effective way to improve a system’s security, allowing for scrutiny by a broader array of cybersecurity experts than a typical government agency could normally provide. Yet, few agency system stakeholders understand the advantages of BBPs or are prepared to execute BBPs on their own systems. This project outlines how CISA could help agencies: improve their understanding of BBPs; gauge their specific agency’s readiness to execute a BBP; and assist with preparation if an agency is not yet ready to execute a BBP.

Learn more about this and other projects here.

{"abilities":[],"action":"swipe","className":"wide","columns":3,"controls":["arrows"],"exclude":[{"starter.postid":"4825"},{"default.postid":"26818"}],"filters":[],"include":[{"starter.termid":"135"},{"starter.termid":"117"}],"maximum":6,"meta":[],"property":"box","searching":"","sorts":[{"ordering.label":"date","evaluation.label":"\u2193","display":"Most Recent","label":"date \u2193 Most Recent"}],"sorting":[{"ordering.label":"date","evaluation.label":"\u2193","display":"Most Recent","label":"date \u2193 Most Recent"}],"orders":["date","title","menu_order","post_type","post__in","relevance"],"filtering":"","refiner":false,"total":56}

Aspen Policy Academy

New Project: Agency Readiness for Bug Bounty Programs

Agency Readiness for Bug Bounty Programs

Browse Related Articles

4 New Policy Projects: Tech Forward Healthcare Solutions

Celebrating Our 2025 Accomplishments at the Aspen Policy Academy

Introducing the 2026 Tech Executive Leadership Initiative Cohort