The DOT-Chain Defence electronic procurement system was tested for resistance to attacks during a two-day intensive as part of the Kyiv International Cyber Resilience Forum. More than 20 independent cyber researchers searched for vulnerabilities, and a separate stage of testing was performed by AI.
The DOT-Chain Defence electronic procurement system was tested for resistance to attacks during a two-day intensive as part of the Kyiv International Cyber Resilience Forum. More than 20 independent cyber researchers searched for vulnerabilities, and a separate stage of testing was performed by AI.
According to the Department of Defense, the testing was organized by the Defense Acquisition Agency (DOT) to simulate real-world attack scenarios in a controlled environment and find vulnerabilities before an adversary exploits them. Participants worked in an isolated environment without access to real data and competed on a scoring system. Points were awarded for each bug or vulnerability found, and the final ranking determined the most effective participants.
The audit revealed a number of minor security issues. They have already been passed on to the DOT development team for a quick fix. Separately, the message states that after the event, additional testing of the system using AI will continue, which should help find atypical patterns and vulnerabilities that are more difficult to notice during manual testing.
The event was held under the auspices of the National Security and Defense Council of Ukraine with international support, including the US Department of State, the Government of Canada, and the CRDF Global Foundation. The technical platform for organizing the vulnerability search was provided by BugStream in partnership with Cyber Unit Technologies.
Intensives like BugBash are used as a short «crash test» for a product, where independent experts simultaneously test different attack vectors and provide developers with a list of specific technical findings to fix. For systems related to defense processes, this allows you to quickly close small risks and confirm that the testing was done without working with real data.
Previously, dev.ua wrote about how in 2026, about 70% of the procurement of unmanned aerial vehicles for the Ukrainian army is planned to be carried out through the DOT Chain Defence digital platform .
