More than 1,400 participants took part in a pilot project launched this year, and found 138 valid reports of vulnerabilities, the Pentagon said.
The project invited hackers to test the cyber security of some public Defense Department websites.
The pilot project was limited to public websites and the hackers did not have access to highly sensitive areas.
The US government has pointed the finger at China and Russia, claiming they have tried to access government systems in the past.
The Pentagon said it paid a total of about $75,000 to the successful hackers, in amounts ranging from $100 to $15,000.
School student David Dworken, 18, found six 'bugs' in the US Defense Department websites.
Dworken, who graduated on Monday from Maret high school in Washington, D.C., said he reported six vulnerabilities, but received no reward because they had already been reported.
However, Dworken said he had already been approached by recruiters about potential internships.
He said some of the bugs he found would have allowed others to display whatever they wanted on the websites and steal account information.
Dworken, who will study computer science at Northeastern University, said his first experience with finding vulnerabilities was in 10th grade when he found bugs on his school website.
"Hack the Pentagon" is modelled after similar competitions known as "bug bounties" conducted by US companies to discover network security gaps.
The Pentagon said the pilot project cost $150,000, including the reward money, and several follow up initiatives were planned.
This included creating a process so others could report vulnerabilities without fear of prosecution.
"It's not a small sum, but if we had gone through the normal process of hiring an outside firm to do a security audit and vulnerability assessment, which is what we usually do, it would have cost us more than $1 million," Carter said.
