US Department of Defense’s Vulnerability Disclosure Program has expanded to include all publicly accessible DOD websites and applications. The VDP allows security researchers to search for and report any vulnerabilities affecting public-facing DOD information systems. More than 30,000 reports have already been submitted through the program since it was officially established in 2016, with more than 70% of them containing a valid bug. The number of reports is expected to increase dramatically due to security researchers discovering and reporting vulnerabilities previously unreportable before the VDP was launched.
Source: https://www.bleepingcomputer.com/news/security/dod-expands-bug-disclosure-program-to-all-publicly-accessible-systems/