During my time at Market Dojo, I have been busy finding security vulnerabilities within Market Dojo’s services. This has involved creating and setting up a bug bounty program, reviewing their security rules and I have enjoyed every moment.
From when I first stepped through the door I was made to feel welcome and relaxed at Market Dojo. I was introduced to Nic Martin, who was my work experience partner for my time at Market Dojo, as well as the rest of the team who were incredibly friendly and made sure that I settled in.
The friendly environment meant I had no problem asking questions, as people were so willing to help that I didn’t feel as if I was bothering them or wasting their time. This allowed me to take much more enjoyment from the tasks that I was set, as I wasn’t sat around for long periods of time wondering what to do.
I was first tasked with going through a security checklist to tick off the security measures that Market Dojo have, and don’t have, in place. I would then suggest ways Market Dojo could meet any security measures they may have missed within the security checklist. The First task gave me a thorough understanding of the different security measures a company has to have in place, to comply with data protection laws and legislation.
I was then asked to create a bug bounty program for Market Dojo to help them secure their services by asking hackers around the world to test their services for any security vulnerabilities in exchange for a reward, which was a certificate of thanks and a spot up in the hall of fame. During this task, I made a certificate and a Hall of fame webpage to give the bug bounty hunters a reward for finding security vulnerabilities within Market Dojo’s services. I also created a formal plan for the bug bounty program and a document containing the rules of the program to give to the bug bounty hunters to tell them what they can and cannot do when participating in the bug bounty program.
Once we had all the resources for the bug bounty program ready together we first launched a private bug bounty program and tried to reach out to people who found bugs in MarketDojo services in the past. A week later nothing had happened, so we then set-up a public bug bounty program on a bug bounty website called FireBounty. This was to get more people to find participate to find security vulnerabilities within Market Dojo’s services. I enjoyed this task as it gave me experience and knowledge on how to set-up bug bounty programs for companies and the steps involved before releasing your bug bounty program to the public.
Finally, I reviewed MarketDojos security training where I identified and implemented areas of knowledge that would be useful for employees to learn about into their security training presentation such as phishing examples and explaining about encryption. This task was useful as it helped me understand the security measures that an average small business would have in place to protect their business against cyber attacks.
Reflecting on the time that I spent at Market Dojo, I have loved the whole experience. The tasks that I was given at Market Dojo have given me the knowledge and experience on how cybersecurity is applied to a business and what sort of tasks I would work through if I was a cyber-security employee within a business. This knowledge will help me through the cyber-security course that I am doing at college as part of my exam unit is about how cyber-security is applied to a business. I greatly appreciate the time Market Dojo have put aside to have me working for their business and would like to thank the whole team for being friendly and welcoming.