Dive into this month’s Researcher Spotlight if you’re looking for that new year inspiration! With 10 years of experience in Cybersecurity, Eric Head aka TodayIsNew has developed a hacker skillset like no other. Check out his story below!
How did you get into the Cybersecurity space?
“Almost 10 years ago now, but I kinda discovered it by accident. I found a bug in a Google product, and was rewarded with a bounty. From that point on, I was hooked!”
We’re very glad you found that first bug which led you here. 🧡
What and/or who first sparked your interest in hacking?
“My parents got a used Commodore 64 computer for our family when I was younger, and that required a bit of coding knowledge to play games. A few years after that, we got a 486, and I discovered Visual Basic. I started making my own programs and games, and I guess I never really stopped :)”
Who wants to play the games Eric created? We know we do! 🙋
How long have you been hunting?
“Since 2014/2015”
How have bug bounties impacted your life?
“I do this full time, so it’s allowed me to provide for my family. While I have been able to spend money on some fun things, the best thing that bug bounties have afforded me is the time to spend with my family and friends. It’s hard to put a price on that! :)”
You’re right, time spent with family and friends is always time spent well. 🥰
Are you a part-time or full-time hacker? How much time do you spend hacking each week?
“Full time! I spend more time that I’d like to on hacking each week – it’s just so addictive 🙂 But, I do try to force myself away to enjoy time with friends and family.”
A career and a passion all in one? Goals. 🔥
What has been your biggest challenge while hacking?
“Burnout is tough, since there is ALWAYS something happening. If you step away, someone else might step up. Besides burnout, I have unfortunately encountered some shady individuals that have tried to take advantage of myself and others. It’s frustrating to see your research being presented by another individual as their own, and being rewarded for doing so.”
We’re sorry to hear about this unfortunate event, as no one’s work should EVER be stolen. We’re all inspired by you for continuing on your own hacking journey. Keep going! 👏
Do you have any favorite tools or resources to learn?
“I’ve learned so much from other researchers in the community. The community itself is an amazing resource. If someone is eager to teach how they do things, I’d always recommend sitting down and listening to what they have to say :)”
Do you have any advice for new hackers or people transitioning into bug bounty?
“Be weary if you’re planning on doing this full-time from the beginning. It can be very challenging to be counting on a bounty to pay your bills, especially when the bounty isn’t what you expected, or doesn’t get paid at all. Look towards what are a good fit for you, your interest opportunity or necessity. What a natural interest you have this is fun to you, a path you can follow and have a deeper understanding and apply to bug bounty. Opportunities that you are learning or plan to learn something new that you can apply to your research. And for necessity, are you being forced to learn something for school / work how can you find the benefit in those situations to apply whats learned towards bug bounties.”
Don’t wait for opportunities to come to you, create opportunities for yourself. 🤝
What’s an important lesson that you wish you learned early on in your hacking career?
“Just because you find a valid bug, doesn’t mean that it’ll turn into money. More often than not, the end result will be no bounty. Don’t let that discourage you though – try to look where few have looked before, or try to look for something that not many others are looking for.”
How do you avoid burnout and take care of your mental health?
“The first step to avoid burnout is to acknowledge that it’s real, and that you aren’t the special case that isn’t affected! 🙂 For me, I have to force myself to step away from the screens. I have programs written to lock down what I’m working on at predetermined intervals, to ensure I take the breaks I should. On top of that, I’m a big proponent of meditation and mindfulness.”
Deep breath in, deep breath out. 🧘
Where do you see your journey going from here? What are some goals you have for this year?
“Every day, I see significant vulnerabilities patched, and new vulnerabilities pop up and get exploited for evil. The work that I do helps to limit how badly things can be exploited, while at the same time providing for my family. I kinda see myself doing this for the foreseeable future, or until there are no more vulnerabilities on the internet :)”
Talk about a win-win! 🎉
Why do you hunt with Bugcrowd?
“The Bugcrowd team is a big reason why I hunt with Bugcrowd. Early on in my career, I made some real connections with the staff, and that meant a lot to me. I’ve had some great bounties from Bugcrowd, but it’s the people there that keep me coming back more than anything else.”
What does your life look like outside of hacking?
“I’m lucky to have both 7 and 4 year old daughters who provide wonderful special times together. Myself and my partner enjoy seek adventures of life seeing new places and people, enjoying games, and being in nature :)”
Who is your hero?
“Anyone who is willing to put in the effort to be a better person, or share kindness to anyone in anyway that leaves them and our world in a better place :)”
Spread kindness. ☝️
Tell us a fun fact about yourself!
“For a few years, I worked at an amusement park during their Halloween season as one of the actors that scares people. Here’s a video! https://youtu.be/zWT1sPLaF1o”
Watch the video. We promise it will make your day better. 🤭
We’re all ready to take on 2023 now, thanks to TodayIsNew. If you’re a bug bounty hunter and ever feel stuck or discouraged, remember to trust the process. You’ve got an entire community cheering for you, including us!
Want to stay caught up with all things Bugcrowd? Follow us on Twitter and Instagram and don’t forget to join us on Discord! Are you ready to join the hunt? Sign up for a researcher account today and start hacking!