We Have Been Shortlisted! For Procurement Technology Of The Year 2020

Find Out More

Bounty Hunters, Hacking and Hit Lists: My Cyber Security Work Experience at Market Dojo

MARKET DOJO, INTERNSHIP, MARKET DOJO INTERNSHIP, WORK EXPERIENCE MARKET DOJO, MARKET DOJO INTERN, INTERN, SECURITY, our company, our software, WORK EXPERIENCE, CYBER-SECURITY
Blogs, People, Our Company

During my time at Market Dojo, I have been busy finding security vulnerabilities within Market Dojo’s services. This has involved creating and setting up a bug bounty program, reviewing their security rules and I have enjoyed every moment. 

From when I first stepped through the door I was made to feel welcome and relaxed at Market Dojo. I was introduced to Nic Martin, who was my work experience partner for my time at Market Dojo, as well as the rest of the team who were incredibly friendly and made sure that I settled in. 

The friendly environment meant I had no problem asking questions, as people were so willing to help that I didn’t feel as if I was bothering them or wasting their time. This allowed me to take much more enjoyment from the tasks that I was set, as I wasn’t sat around for long periods of time wondering what to do.

I was first tasked with going through a security checklist to tick off the security measures that Market  Dojo have, and don’t have, in place. I would then suggest ways Market Dojo could meet any security measures they may have missed within the security checklist. The First task gave me a thorough understanding of the different security measures a company has to have in place, to comply with data protection laws and legislation. 

Next, I was tasked with finding any security vulnerabilities within Market Dojo’s test services. I used Linux Kali’s operating system to find vulnerabilities within Market Dojo’s test site services, as this operating system comes with multiple hacking tools pre-installed. I was able to diagnose two XSS (Cross-site scripting) vulnerabilities within Market Dojo’s test site services by injecting XSS scripts into all of their fields until a pop-up occurred, caused by the XSS script reacting with the Javascript within their services. I really enjoyed this task as it got me thinking about the different methods I could use to test Market Dojo’s test services for any security vulnerabilities. 

I was then asked to create a bug bounty program for Market Dojo to help them secure their services by asking hackers around the world to test their services for any security vulnerabilities in exchange for a reward, which was a certificate of thanks and a spot up in the hall of fame. During this task, I made a certificate and a Hall of fame webpage to give the bug bounty hunters a reward for finding security vulnerabilities within Market Dojo’s services. I also created a formal plan for the bug bounty program and a document containing the rules of the program to give to the bug bounty hunters to tell them what they can and cannot do when participating in the bug bounty program. 

Once we had all the resources for the bug bounty program ready together we first launched a private bug bounty program and tried to reach out to people who found bugs in MarketDojo services in the past. A week later nothing had happened, so we then set-up a public bug bounty program on a bug bounty website called FireBounty. This was to get more people to find participate to find security vulnerabilities within Market Dojo’s services. I enjoyed this task as it gave me experience and knowledge on how to set-up bug bounty programs for companies and the steps involved before releasing your bug bounty program to the public.

Finally, I reviewed MarketDojos security training where I identified and implemented areas of knowledge that would be useful for employees to learn about into their security training presentation such as phishing examples and explaining about encryption. This task was useful as it helped me understand the security measures that an average small business would have in place to protect their business against cyber attacks.

Reflecting on the time that I spent at Market Dojo, I have loved the whole experience. The tasks that I was given at Market Dojo have given me the knowledge and experience on how cybersecurity is applied to a business and what sort of tasks I would work through if I was a cyber-security employee within a business. This knowledge will help me through the cyber-security course that I am doing at college as part of my exam unit is about how cyber-security is applied to a business. I greatly appreciate the time Market Dojo have put aside to have me working for their business and would like to thank the whole team for being friendly and welcoming.

December 24, 2019

no comments

Leave a Reply

Your email address will not be published. Required fields are marked*

Kontakt

Consultation Call
Vorname*
Nachname*
Firmañía*
Telefonnummer*
Email*
Ihre Wünsche
Lead Gen
Lead Source
Lead Source Detail

Contacto

Consultation Call
Nombre*
Apellido*
Compañía*
Teléfono*
Email*
Me interesa
Lead Gen
Lead Source
Lead Source Detail

Contactez-Nous

Consultation Call
Prénom*
Nom*
Société*
Téléphone*
Email*
Interessé par
Lead Gen
Lead Source
Lead Source Detail

GET IN TOUCH

Consultation Call
First Name*
Last Name*
Company*
Phone*
Email*
I'm interested in
Lead Gen
Lead Source
Lead Source Detail

GET IN TOUCH

Consultation Call
First Name*
Last Name*
Company*
Phone*
Email*
I'm interested in
Lead Gen
Lead Source
Lead Source Detail

GET IN TOUCH

Consultation Call
First Name*
Last Name*
Company*
Phone*
Email*
I'm interested in
Lead Gen
Lead Source
Lead Source Detail

GET IN TOUCH

Consultation Call
First Name*
Last Name*
Company*
Phone*
Email*
I'm interested in
Lead Gen
Lead Source
Lead Source Detail

GET IN TOUCH

Consultation Call
First Name*
Last Name*
Company*
Phone*
Email*
I'm interested in
Lead Gen
Lead Source
Lead Source Detail

GET IN TOUCH

Consultation Call
First Name*
Last Name*
Company*
Phone*
Email*
I'm interested in
Lead Gen
Lead Source
Lead Source Detail

GET IN TOUCH

Consultation Call
First Name*
Last Name*
Company*
Phone*
Email*
I'm interested in
Lead Gen
Lead Source
Lead Source Detail

GET IN TOUCH

Consultation Call
First Name*
Last Name*
Company*
Phone*
Email*
I'm interested in
Lead Gen
Lead Source
Lead Source Detail

GET IN TOUCH

Consultation Call
First Name*
Last Name*
Company*
Phone*
Email*
I'm interested in
Lead Gen
Lead Source
Lead Source Detail

GET IN TOUCH

Consultation Call
First Name*
Last Name*
Company*
Phone*
Email*
I'm interested in
Lead Gen
Lead Source
Lead Source Detail

GET IN TOUCH

Consultation Call
First Name*
Last Name*
Company*
Phone*
Email*
I'm interested in
Lead Gen
Lead Source
Lead Source Detail

GET IN TOUCH

Consultation Call
First Name*
Last Name*
Company*
Phone*
Email*
I'm interested in
Lead Gen
Lead Source
Lead Source Detail

GET IN TOUCH

Test