Today we have one of the Security Researcher Advocate with us who is working in the domain of cyber security since a long time. She is also a board member of many non profit organisations including Women in Security and Tech (WIST) who is continuously contributing in security community with her effort and passion. She is currently associated with Bugcrowd as Security Researcher Advocate/PM. So let’s have a look on the below conversation Hackers Interview had with Ms. Chloé Messdaghi.
Hackers Interview: Hello Ms. Chloé Messdaghi, please introduce yourself to our readers.
Chloé Messdaghi: Hi everyone! I am a Security Researcher Advocate @Bugcrowd in San Francisco. I’m also a
board member for 4 nonprofits, one of the Women in Security and Tech (WIST) founders, head the San Francisco chapter of WIST, mentor and speaker on diversity and inclusion in InfoSec, supporter of Disclose.io, and founder of a nonprofit called Drop Labels.
Feel free to find out more about me and my upcoming visits at chloemessdaghi.com and follow me or reach out to me on twitter @ChloeMessdaghi
Hackers Interview: What did you do before cyber security? And why you’ve decided to enter into Cyber Security
field as a career option ?
Chloé Messdaghi: Back in High School, I enjoyed figuring out how to get admin controls of the school’s Wifi, and
figuring out other loopholes. However, I was also very much interested in human behavior and human rights in developing countries. I went with the latter for college. Even though I always wanted to learn the depth of cyber security, it just wasn’t a huge area of study at the time at the universities I attended. When doing my M.Sc in Political Research at the University of Edinburgh, I originally was researching terrorism and how to apply cognitive science and data as a way to diplomacy. However, my parents were frightened about the possibility of me being placed in Iraq and or Afghanistan. So, I ended up conducting research on children’s education rates being impacted by micro-finance in Guatemala. From there, I returned to the states and went into education and humanitarian work as a growth management consultant. Then crossed over to the startup tech scene since previous work required me to be resourceful and cost effective just as much. Years later, I missed the office culture, so started to let recruiters know that I was open to a new role and position. One day a recruiter connected with me, asking if I would be interested in a cyber security startup in a marketing manager role. Well, I took the offer. And within the first few weeks, I became passionate about vulnerability management and hacking even further. During this time, I would read anything I could and reach out to others in the field to learn more and more about the incredibly, large field of cyber security. With this never satisfied curiosity and the Infosec community, the field inspires me everyday and I’m truly grateful to be part of it.
Hackers Interview: How are you a Security Researcher Advocate?
Chloé Messdaghi: I’m a security researcher advocate outside and inside of InfoSec.
Outside of InfoSec:
Many unaware persons have projected negative labels on the security researcher community. When in reality it’s a community full of ethical hackers who are just really curious people that want to protect others. They are the everyday heroes. Due to these misconceptions by outsiders, it motivates me to speak out and try to change such beliefs, as well as promote safe harbor via Disclose.io. Besides speaking, I also recruit and mentor underrepresented persons to enter the field because we can always use more creative and diverse people in our community.
Inside of InfoSec:
I speak and mentor within the community for diversity and inclusion in InfoSec because it can be a real challenge being someone underrepresented in this industry. Besides diversity measures, I tend to promote safe harbor, vulnerability disclosure, and bug bountying. I’ve seen so many lives and organizations transformed from being part of the Bugcrowd community and it motivates me everyday at Bugcrowd.
Hackers Interview: Tell us about your experience as Security Researcher Advocate in the field of cyber security.
Chloé Messdaghi: I love what I do. Everyday I get DMs from people who’s life has improved or they are inspired. And everyday I jump on urgent calls from people in the community who need someone to help them. And yes, there are days where I will skip out on sleep here and there, but it was all worth it for making sure no one ever feels alone in this community.
Also, I wouldn’t be able to do what I do if it were not for Bugcrowd. The one part I enjoy the most about my day job is running the Ambassador program at Bugcrowd because I get to chat with some of the best hackers in the world and learn from them.
Hackers Interview: What is the amazing thing you have seen in cyber security this past year?
Chloé Messdaghi: Major strides to incorporate more diversity, and to learn on building better inclusion to keep underrepresented persons in cyber security. Best example is the RSA Conference this year. They made a promise to be more inclusive, and they succeeded big time.
Hackers Interview: What major challenges do you see in the cyber security industry ?
Chloé Messdaghi: I think mental health of the community has become a reality that is starting to come out more in public. I hear too many stories of people committing suicide from loneliness these days. We truly need to come together and make sure that no one feels alone.
Hackers Interview: What is the trending aspect of cyber security industry from business point of view that we should be concerned about besides diversity and inclusion?
Chloé Messdaghi: I would say a shortage of security staff leading to more breaches. This is why vulnerability disclosure and bug bounty programs are critical for more companies to adopt.
Hackers Interview: What is it like to work at Bugcrowd?
Chloé Messdaghi: I absolutely love it there, especially my colleagues. There’s never a moment when I press the snooze button on my alarm. Neither does Sherlock (Chloe’s Shiba Inu Pup). I’m also incredibly fortunate to be on a great team dedicated to the crowd’s growth along with Jason Haddix, Sam Houston, and Kevin Rosenbaum. As a member of the team, Haddix is always open to training on any hacker tool and answer any questions that I may have, which is awesome.
Hackers Interview: While working with Bugcrowd, do you think bug bounty approach is more effective than traditional security audit ?
Chloé Messdaghi: Yes, because it provides a diverse crowd of knowledge to find vulnerabilities. With more various backgrounds, hidden bugs are found faster.
Hackers Interview: What was the last thing you hacked tech wise?
Chloé Messdaghi: Ummmm getting access to someone’s bluetooth headphones and changing their music to Grimes on a flight. Their reaction was priceless. Not going to lie, but it was so hard to hold back from laughing.
Hackers Interview: What do you do in your free time?
Chloé Messdaghi: I love to volunteer in the community, drink loads of tea, learn various hacking tools, mentor people who want to enter infosec and or already in the field, read the latest hacking stories, get lost in thoughts while staring out the airplanes windows in flight, and spend time with my pup Sherlock, friends, and family
“Thanks Ms. Chloé Messdaghi, for giving your precious time to our readers.”
Author: Yogesh Prasad
Ethical Hacker | Information Security Consultant | Cyber Security Expert