With the launch of the weekly Researcher Spotlight, we will share stories from our global hacker community. This week we’re putting the Spotlight on a Cal Poly student studying Computer Science, Nicole Anderson-Au.
When Nicole was very young, she loved to do logic puzzles, such as Sudoku and became passionate about investigating with clues and trying to piece together information to solve problems. Her father, a software engineer, encouraged her to take programming classes in High School. In her Freshman year, she took Intro to Java and then in her Sophomore year took a break from programming. However, she realized how much she missed it and in her Junior year, enrolled in AP Computer Science. After her AP class, she started to take classes in programming at a community college since her high school had no more programming classes.
While doing college tours for engineering, she visited Cal Poly. During her visit, she came across The White Hat – Ethical Hacking Club. It was this club’s welcoming community that motivated her to get into cybersecurity and attend Cal Poly.
In her first year, she became friends with the president of the club who shared information about the CTF team at Cal Poly. Nicole decided to join the team and did her first CTF. Even though it was extremely difficult, she was persistent to continue. By her sophomore year, she became the social chair for the club and got involved with Bugcrowd sponsored events.
Now, she is a Junior at Cal Poly and the Vice President of The White Hat club, who now rocks CTFs.
How did you get into Cybersecurity?
“I have loved computer science since my freshman year of high school, but it wasn’t until I started touring colleges that I started to become interested in security. I toured Cal Poly the Spring of my Junior year and got to see the White Hat security lab on campus at the school. I talked to some of the members about security and it sounded very interesting. I hadn’t heard a lot about cybersecurity and it seemed like Cal Poly had a better program than most other schools, so part of my decision to go to Cal Poly was inspired by an interest in security and specifically the White Hat club. When I got to Cal Poly, I immediately sought out the White Hat club and became a very active member. I went to all of the weekly talks, the social events, and attended my first CTF. The CTFs that I participated in were very difficult and somewhat frustrating, but I persevered and eventually solved my first challenge. I then became social chair of White Hat my sophomore year, then Vice President my Junior year. My sophomore year, I organized one of our biggest events of the year, the iFixit Security triathlon, which is a fun 3-part team competition which includes a CTF we write ourselves, lockpicking, and hardware teardown. I got into bug bounties this year at the CCI/BugCrowd bug bash. I attended with some other members of White Hat and competed to find vulnerabilities in the Arlo devices. My team, unfortunately, did not find any bugs, but analyzing the systems and participating in the event was very fun and a cool learning experience.”
How do you manage your personal life, work, and bug bounties?
“So far, I haven’t done a lot of work on bug bounties. I hope to increase my work in the area in the future, but for now, I am mostly focusing on school and the White Hat club as well as my other various responsibilities at Cal Poly.”
What are a few of your favorite hacking/security tools? Why should others use those?
“One of the best tools that we used for the Bug Bash event was Wireshark. It’s a free, fairly easy to use network analysis tool. It’s good for getting started either learning about network security or just networks in general. It’s cool to be able to see the actual packets that are being sent back and forth.”
What is a quick hacking tip or technique that you recommend?
“Look for resources online. Read a lot about what’s already been done so you don’t spend forever trying to reinvent something that you can use online for free.”
What advice would you give to someone who is starting out as a beginner in bug bounties?
“Watch some youtube videos or find some friends who have the experience to learn from. It’s always helpful to actually get out there and start hacking, but having a little bit of education can go a long way and also help build confidence.”
How have bug bounties impacted your life?
“They’ve given me some experience with how real life hacking is different than the CTFs that I usually do.”
What do you like to do in your free time, when you’re not doing bug bounties or working?
“I like to play volleyball, go swing dancing, and hang out with my friends. I also do CTFs in my spare time.”
Thank you so much to Nicole for her time and for her great contributions to the bug bounty community!
Interested in becoming an ambassador? Apply to become a Bugcrowd Ambassador today! If you have any questions, please Twitter direct message @ChloeMessdaghi