A few weeks ago I flew out to Las Vegas with HackerOne to help run an event we had been working on for a while called H1-702. It was a hackathon designed for some of the world’s most talented security hackers.
H1-702 was one piece in a picture to ensure HackerOne is the very best platform and community for hackers to hack, learn, and grow.
This was the event that we invite the cream of the crop to…hackers who have been doing significant and sustained work and who have delivered some awesome vulnerability reports.
Hacking For Fun and Profit
For the event we booked a MGM Grand Skyloft for three evenings. We invited the most prolific hackers on HackerOne to join us where they would be invited to hack on a specific company’s technology each night. They didn’t learn about which company it was until the evening they arrived…this kept a bit of mystery in the air.
Each evening Hackers were provided with the scope and then invited to hack these different products and submit vulnerabilities. Each company had their security team and developers on-hand where they would be able to answer questions, review and confirm reports quickly (and then fix the issues.)
Confirmed reports would result in a payout from the company and reputation points. This would then bump the hacker higher up on the H1-702 leaderboard and closer to winning the prestige of H1-702 Most Valued Hacker, complete with a pretty badass winners belt. As you can imagine, things got a little competitive.
Each evening kicked off at around 7pm – 8pm and ran until the wee hours. The first night, for example, I ended up heading to bed at around 5.30am and they were still going.
There was an awesome electricity in the air and these hackers really brought their A-game. Lots of hackers walked out the door having made thousands of dollars for an evening’s hacking.
While competitive, it was also social, with people having a good time and getting to know each other. Speaking personally, it was great to meet some hackers who I have been following for a while. It was a thrill to watch them work.
Taking Care of Your Best
In every community you always get a variance of quality and commitment. Some people will be casual contributors and some will invest significant time and energy in the community and their work. It is always critical to really take care of your best, and H1-702 was one way in how want to do this at HackerOne.
Given this, we wanted deliver a genuinely premium event for these hackers and ensure that everyone received impeccable service and attention, not just at the event but from the minute they arrived in Vegas. After all, they have earned it.
This was an exercise in detail. We ensured we had a comfortable event space in a cool hotel. We had oodles of booze, with some top-shelf liquor. We provided food throughout the evening and brought in-chair massages later in the night to re-invigorate everyone. We provided plenty of seating, both in quiet and noisier spaces, lots of power sockets and we worked to have fast and reliable Internet. We provided each hacker with a HackerOne backpack, limited edition t-shirts, and other swag such as H1-702 challenge coins. We ensured that there was always someone hackers could call to solve problems, and we were receptive to feedback each night to improve it the following night.
Throughout the evening we worked to cater to the needs of hackers. We had members of HackerOne helping hackers solve problems, keep everyone hydrated and fed, and having a good time. HackerOne CEO Mårten Mickos was also running around like a waiter (amusingly with a white towel) ensuring everyone had drinks in their hands.
Overall, it was a fun event and while it went pretty well, there is always plenty to learn and improve for next time. If this sounds like fun, be sure to go and sign up and hack on some programs and earn a spot next year.
Jono Bacon: Running a Hackathon for Security Hackers
Source: Planet Ubuntu