Facebook and Google collaborated and organized a two-day Security Conference ‘BountyCon’ in Singapore, where BCA (Hons) 2nd Year student Rohit Kumar of Lovely Professional University (LPU) also participated. The focus of the conference was on learning and developing practical skills for discovering and reporting high-quality vulnerabilities. The conference was held on March 30 and 31, 2019 at Facebook Head Quarter in Singapore, Rohit was fully funded with all airfare and accommodations to attend the event conveniently. The event consisted of technical discussions and industry networking opportunities.

Rohit is one among some other fortunate students from the Asia Pacific region to get a free invitation. Security Program Manager at Facebook (US) Zach Turk has forwarded in a letter that Rohit will be served as an invited guest of ‘Facebook’ during the conference, to be held at Ibis Hotel, Macpherson Road, Singapore. Hailing from a very small village Mokama in district Patna of Bihar State, Rohit has been nursing a special liking for computer skills right from his 5th class; however, no one could understand his passion. He shares that ultimately, he joined LPU BCA program, coming far away from his home. Here at LPU, Rohit got an extended vent to his computational passion and established a strong place in the security researchers’ world in just two years’ span.

An Ethical Hacker to the core and a start-up enthusiast too, Rohit has earned many thousands of US Dollars through his unique computing skills. At LPU, Rohit has learnt to be an illustrious entrepreneur instead of being a servant to somebody else. Presently, Rohit is also running two start-ups at LPU, one of which is incubated from the world’s number 1 startup incubator and investor group-‘YCombinator’. Under the continuing guidance of his mentors at LPU School of Computer Applications, Dr Prof Ashwani Tiwari and Prof Manikant Roy, Rohit now wants to lead many groups of LPU students for innovative start-ups at LPU Campus. Rohit also informs that prior to this he was also invited at 1st China-India Mobile Phone Summit. Illustrative, Rohit is on the foot-prints of his renowned seniors at LPU including Bibin Babu, Rahul Tyagi, Nipun Jaiswal, Khageshwar Izardar and others, all of whom are names in their respective computer-oriented domains.

Rohit’s has described his first-hand experience at BountyCon conference 2019 in Singapore in his own words:

BountyCon was one of the Best conferences for me. It taught me a lot of stuff. Before this event, I was testing different targets as fun and I wasn’t focusing on it entirely. I was testing different targets like facebook, Hackerone Companies during summer and winter vacations only. I spend most of my time in product development for my Startup ColdfoX and EdVoid. I spend my weekends with client meetings. 

I had a conversation with World’s top ethical hackers like Frans Rosen (@fransrosen), Shubham Shah (@shubs) and Ben Sadeghipour (@nahamsec). They told me how they approach any target. What things should we consider before testing any target? I had no methodologies in place and they all were having some kind of unique methodologies. I thought this is the time I can improve my skills in Ethical hacking and cyber security and from that same day). I started automating most of the part and I developed my own strategy and methodologies.  I submitted 9 security vulnerabilities in the last 4 days which proves that now I am improving myself. I also had a discussion with Jack Whitton (@fin1te). He is a security researcher at Facebook and he is working with Facebook product development team. He told me how he started his own journey and how I can improve my skills.

This event was full of learning and motivational experience for me. Still, I will be focusing on my startup for most of the time but I am also considering this bug bounty as a good opportunity for me. Bug bounty helps me paying my colleagues and interns who are working with me on my startup. So, you can say that bug bounty is a kind of funding source for my startup.

My target is to compete with worlds top security researchers in live hacking events within 1.5 years. BountyCon was a first live hacking event for me. I will be visiting different countries to compete with different ethical hackers within the next few years. For most of the student ethical hacking is a carrier but I am taking it as a fun and good opportunity as a hobby. My hobby is Tech based product development and Ethical hacking. 

Worth mentioning, the Singapore conference was a step towards supporting the growth of the security research community. At this, students with university-level knowledge of security concepts and interest in bug bounty programs and other areas of security research were invited. All of them got the opportunity to learn from some of the top bug hunters from Facebook’s and Google’s bug bounty programs. Students also participated in a live hacking event, and heard directly from top engineers on how to discover and report security improvements on the internet’s largest platforms.

In fact, founded in 2004, Facebook’s mission is to give people the power to build community and bring the world closer together. People use Facebook to stay connected with friends and family, to discover what’s going in the world, and to share and express what matters to them.