Maryland has launched the most expansive state-level bug bounty program in the US, improving the State’s ability to detect cybersecurity vulnerabilities on its systems.
Managed by the Department of Information Technology (DoIT), the program has identified over 40 exploitable vulnerabilities, strengthening the State’s digital infrastructure.
Inspired by successful federal initiatives like the Department of Defense’s “Hack the Pentagon,” Maryland’s program enables the State to proactively secure its systems and address vulnerabilities before malicious actors can exploit them.
Secretary Katie Savage, who led several federal cybersecurity initiatives, emphasized how these programs have transformed vulnerability detection. “Maryland is not just keeping pace with best practices—we are setting the pace by partnering with top researchers to address vulnerabilities swiftly.”
Gregory Rogers, Maryland’s Chief Information Security Officer, stressed the importance of building long-term relationships with the cybersecurity community. “By engaging the broader security research sector, we’re ensuring Maryland stays ahead of emerging threats, protecting both our systems and residents.”
