R.I.P. Scout26
The US Army has gaping holes in its information security infrastructure and operates an environment of vulnerability reporting fear, according to current and former members of the department's cyber wing. Captain Michael Weigand and Captain Rock Stevens make the comments in an academic piece on the Cyber Defense Review http://www.cyberdefensereview.org/2015/10/23/avrp/ , a joint project between the Army Cyber Institute and the US Marine Corps Forces Cyberspace Command. In it they say most of the Army's systems are underpinned by information technology but are exposed by an absence of centralised patch management and full bug remediation oversight, along with a "ban" on penetration testing.
Not really any different than most large organization, public and private.Chris
So I'm not sure that the "ban on penetration testing" is accurate. A ban on outside test groups, maybe.
As an example, the USAF has dedicated penetration testing teams.