Intigriti’s live hacking events offer a completely different experience to conventional bug bounty hunting. They work by inviting ethical hackers (also known as security researchers and, in this case, bug bounty hunters) to collaborate and connect with a specific organization’s security team, fellow hackers, and of course, Intigriti!
Hackers are invited to participate based on the skills and creativity they’ve demonstrated on the platform over time. Often, the events take place over a few days and happen in person—although some clients Intigriti has worked with have thrown virtual live hacking events, which can still be highly impactful when organized successfully.
One of those companies is Yahoo, with its information security department, the Paranoids, taking a leading role in running the show. The May virtual event was so successful that the team is back again with an experience just as exhilarating. This time, they’re bringing their event to Antwerp, Belgium, where security researchers will meet in person for several days of intense hacking. Today, we’re chatting to two of Intigriti’s and Yahoo’s ethical hackers heading to the event, called 1337UP0822.
Say hello to Sébastien (Smsecurity) and Abdulrahman (AMakki)!
Intigriti: Hi Sébastien and Abdulrahman! You were invited to participate in Yahoo’s live hacking event, and we’re happy you accepted! What made you want to be involved?
Abdulrahman: I’m always interested in live hacking events. I enjoy competing with other hackers and talking to them! Also, it’s always helpful and I learn a lot from every event.
Sébastien: Agreed! For me, Yahoo is a very special program as they were the target of my very first live hacking event in 2018. I have continued actively working with them since then. It has been a fantastic collaboration and a pleasure to work with the Yahoo team! It’s also an excellent opportunity to go to Belgium, which I have wanted to visit for a long time.
Intigriti: What do you think you’re doing right that made Yahoo pick you?
Abdulrahman: The past few months, I spent a lot of time finding critical bugs on the Yahoo program. I think this is why Yahoo invited me to the event.
Sébastien: I think the fact that I’ve been working on their program for a long time is one reason why Yahoo sent me an invite. Also, staying active and professional has created a good relationship between us. Winning some awards from previous Yahoo live hack events definitely helps too!
Intigriti: What makes a live hacking event different from participating in a bug bounty program from home?
Sébastien: I have participated in over 20 live hacking events in the past, and it is always an exciting experience. It’s incredible to meet all these great hackers and customers from around the world and make new friends. I also love to travel, which makes live hacking events even more unique, especially since COVID has suspended travel for the past few years.
There’s also a competitive spirit, which makes you want to perform and earn awards that you can’t find on a standard bug bounty program.
Abdulrahman: I’ve also participated in hacking events previously. One of them was with Yahoo, where I made the finals and ranked fourth place. Plus, I won the Hacker of the Day award!
Live hacking events are always more fun than bug bounty hunting from home, in my opinion. I enjoy the competition, talking to other hackers, and having a great time with them!
Intigriti: What three things do you most want to get out of participating in the day?
Abdulrahman: Of course, I would like to make new connections with other hackers and the team. I would also like to have the chance to meet hackers that I know and talk online with regularly. Finally, I want to learn about bugs I didn’t know about previously from the ‘show and tell’ part of the event.
Sébastien: These would be my top three: 1) Meet the Yahoo security team and Intigriti crew to build a better bond. 2) Learn and be inspired by my hacker peers. 3) Make new connections with other hackers.
Intigriti: What advice would you give to other security researchers who want to become involved in future live hacking events with Yahoo?
Sébastien: I would suggest being active on their program and remaining professional in your interactions. Another tip would be to try to limit the noise and go for the most impactful bugs.
Abdulrahman: I agree. My recommendation would be to spend more time finding impactful bugs than trying to discover a lot of low-impact bugs. Focus on severity rather than quantity.
Intigriti: How have Intigriti and Yahoo supported you in the lead-up to the day to ensure you could be as successful as possible?
Sébastien: Intigriti and Yahoo are amazing hosts! Everything is always super smooth, and hackers can focus on what they do best… hacking!
Abdulrahman: I joined Intigriti’s platform this year, and I really like it. The team is very responsive and friendly, and Yahoo is the program on which I reported my first bug. This was one of my best experiences and I learned a lot from it.
Intigriti: Thanks, Sébastien and Abdulrahman. See you at the event!
Thinking about running your own live hacking event? Then be sure to get in touch with Intigriti. We have a lot of experience running these events, and we can help you make it fun, impactful and an event never to be forgotten. Start the conversation with one of Intigriti’s experts today!