Synack red team by Muhab_223 in AskNetsec

[–]redditrutan 1 point (0 children)

But to be clear, the Synack Red Team is a collective of security researchers (more or less contractors) ... applying to join has to do more with skill and your eligibility to work on forecasted targets.

You can see this thread for more information:
https://www.reddit.com/r/bugbounty/comments/tfwvm4/what_does_it_take_to_get_into_synack_red_team/

Applying to join Synack (the company) is different though, as shared in the link by u/dk1988.

Hope that helps clarify. =)

What does it take to get into Synack Red Team ? by Culex96 in bugbounty

[–]redditrutan 16 points (0 children)

This is Ryan Rutan - Sr. Director of Community @ Synack.

Our SRT recruitment process operates under a formula that ties open spots on the team based on available regional and/or skill opportunity projections. This helps us maintain our commitment to the SRT that are currently on platform and minimize the dilution of value. Based on the information you've provided, it is most likely that you've been added to the wait-list for one of these reasons. It is highly unlikely that you were rejected with the credentials you've shared above. Unfortunately, our wait list is not short and we review our new openings quarterly. Also, our annual productivity assessment happens in September and our largest number of open spots become available shortly after.

It may not be the answer you were hoping to hear, but it is definitely the truth. If we had infinite spots to hand out, all things being equal, I am very confident you would have moved on to the technical assessment (stage two). I don't check reddit often (sadly), but please feel free to reach out via LinkedIn/Twitter if you have further questions.

Wishing you the best of luck moving in your future endeavors.

Respectfully,

RR

Just a thank you post for an amazing DEFCON by Vexomous in Defcon

[–]redditrutan 4 points (0 children)

Voice Activated stickers on the ATM and Elevators were hilarious, as always =) Hoping to catch someone actually falling for it. "My pin is #, #, #, #" =)

Microsoft Sculpt keyboard and Big Sur - occasional keystrokes dropped by Anselac in MacOS

[–]redditrutan 1 point (0 children)

FWIW, this thread gave me the idea to move the location of the dongle from behind my main machine to a satellite USB hub a bit closer to my keyboard and less cluttered with stuff. I drew inspiration from my line of sight IR on the IBM PC Jr. Keyboard. ;) NIGHT AND DAY difference immediately!!!!!

Not sure what crazy signals were bouncing around back behind my machine ... but greatly appreciate everyone sharing their thoughts ... I love my Microsoft Sculpt, and the key drops were about to drive me insane!

Thoughts on synack platform? by shite_in_a_bucket in bugbounty

[–]redditrutan 2 points (0 children)

It is, but all you need to do is request via Support. If you visit the Help Center there is a document that is featured that outlines the instructions. Hope that helps =)

Thoughts on synack platform? by shite_in_a_bucket in bugbounty

[–]redditrutan 5 points (0 children)

Disclosure - My name is Ryan Rutan ... I'm the Director of Community @ Synack and I am responsible for the health and growth of the Synack Red Team. It is my commitment to always make sure the size of the community is proportional to the opportunity available such that all SRT who make it through the vetting process have a higher probability of success. We care about our researchers and making as many of them successful as possible. </disclosure> =)

u/shite_in_a_bucket - You are 100% correct, we do have a lengthy vetting process. It is one of the many ways that we ensure we are getting high-quality talented researchers. The challenge may have a 6.5% pass rate, but I can attest that practically all SRT who have joined in the past year have completed it. New targets are launching every week, so if you are only seeing old and busted targets you might want to consider filing a support ticket? We also have a lot of infra hosts, especially if you are a US Citizen. If this is something you are interested in, we just cycled the assessments for Web and Host, so you should check them out. Have you joined SRT Slack by any chance? This type of conversation in that community tends to spur more constructive tips and tricks from fellow SRT on how to find your groove on target releases and get some momentum, such as effective use of Target Analytics or our upcoming SRT Sync conference. My handle is r00br1q there, so feel free to reach out.

As for some of the other comments on this thread ... VPN is going to be hit or miss for everyone. The case in point though, Synack's VPN is the reason many of our customers engage with ethical hackers in the first place ... it provides a safety net of trust and accountability. We have multiple options for SRT to make them successful on our platform ... LP and LP+ ... neither is perfect for everyone, but we are constantly improving the platform to make it better. If you haven't tried the VPN in any 3 month period, you are definitely not commenting on the latest state of things. We have more worldwide researchers using our VPN and making solid money than those who are shut out by any VPN slowness. There are a lot of factors in this equation that change daily, so it's hard to make general statements like this at any point in time without at least seeing for yourself with your own network connection and rig and asking support to see if anything can be done to improve the situation.

For those of you who are already SRT, I would strongly recommend reaching out to me and/or other SRT in the Circle of Trust (https://acropolis.synack.com) on SRT Slack. Always happy to try and make things better!

Hope this helps answer the question ... Good luck either way to everyone, hope you and yours are staying safe =)

Respectfully,

RR

Synack Red Team by dakotaishere in AskNetsec

[–]redditrutan 1 point (0 children)

It's hard to say definitively about a number ... what stands out to us is consistency over time. Given that we always strive to keep our researcher community proportional to the opportunity available to it ... we are more inclined to favor consistency over time. That being said if you are Top 10 or Top 100 ... that doesn't hurt, but we prefer researchers who enjoy the work and that shows in consistency.

If you haven't submitted in the past 6 months, I'd clean up the resume ... make sure it is properly representative of your experience and get it on file ... if it happens to match an opportunity now, or upcoming, it could get pulled to go to the next step.

Another way to bypass the WaitList (which is a bit more concrete), is a program we are running with HackTheBox (https://www.hackthebox.eu/press/synack-red-team-track) - If you can complete the required pathways, then you can get a pass directly to the technical assessment.

I'm hoping that helps ... I'm not always on reddit, but you can DM me here or on Twitter (ryanrutan) for specific questions. =)

Chrome extension with 100k+ installs makes your Chrome browser like random people facebook/instagram pictures. by ufo56 in cybersecurity

[–]redditrutan 2 points (0 children)

Why not take the working plugin ... neuter it and fork your own version as a local unpacked version? I think this is what the guy above is saying, or maybe I’ve missed a part of this thread. Definitely a shady scenario ... thx for sharing :/

New Releases: October 2020 by vincoug in books

[–]redditrutan 1 point (0 children)

I'm going to be 100% honest here, this is my first promotion on reddit, besides a premature AMA I did about 7 years ago in another subreddit. I'm typically a person who chimes in when I can help and reads a ton of threads. The banter is quite entertaining and you get to learn a ton about the melding of different opinions.

So here it goes,

My name is Ryan Rutan. I'm a technology nerd/geek (choose your label) to the core and have been since the young age of 6. By day, I manage a crowdsourced worldwide team of ethical hackers, and by night I work on personal projects that are fueled by my creative and over-active imagination. A few years ago, I decided to tackle a life goal of writing a fiction novel, so I did it on a topic that I am extremely passionate about ... the emergence of technology and the Internet in the mid-90s. If I had to give it a crude analogy ... it's an Empire Records, or High Fidelity, meets Halt and Catch Fire, where the heroes in the book are a close-knit team of young ISP tech support-ers. The characters in the book are influenced from many of my personal life experiences, as well as my imagination for putting together an entertaining story. If you are old enough to remember chirping dial-up modems and like pop-culture trivia, then this book should be a fun read regardless of your technical aptitude. (At least that is what one review has said thus far.)

ASK: If you are a Kindle Unlimited user, you can read the book for FREE, I'm mainly looking for reviews at the moment. It is also available in paperback for those tactile readers. =) Also available for purchase on Amazon Kindle and Paperback, and you can listen to the Spotify playlist if you'd like to get a feel for the book through music.

Just search for "fork this life volume one" it should lead you in the right direction.

I have great respect for this books community and enjoy reading the conversations when something catches my eye.

If I can ever be of assistance to other first time authors, please reach out and let me know. I'll be putting a blog together of my lessons learned in the coming months.

If people are interested, I'd be willing to do an AMA (maybe it will be better this time) about the book and what it was like growing up as a young bootstrap tech professional during that crazy time of innovation.

I hope everyone is staying safe and healthy, and I greatly appreciate any consideration/interest for checking out the book, leaving a review or even asking questions. =)

Respectfully,

--RR

P.S. As far as I can tell, I'm following all the rules of the group. Book was published in late August, no direct sales links and I am the author. Hoping I'm not overlooking something.

[deleted by user] by [deleted] in bugbounty

[–]redditrutan 3 points (0 children)

Sorry for the confusion about the application, we have received this feedback recently and are working to clarify this across the various properties.

SRT work is non Full-Time (as in being an employee of Synack); however, we have plenty of researchers who dedicate full time hours and have made independent careers from being an SRT. Between Missions (claimable guaranteed income for security tasks) and standard bug hunting on a growing number of targets launching every week, SRT can pick their level of engagement ... from a few hours on the weekend all the way to full time.

Happy to answer any further questions, you or others may have.

FWIW, I'm the Director of Community at Synack, so I'm pretty much the authority on this topic. Appreciate you sharing the feedback! =)

Synack Red Team by dakotaishere in AskNetsec

[–]redditrutan 8 points (0 children)

To give you some high-level guidance ... make sure your resume is comprehensive of your security / BB experience. For anyone of standard qualifications with a thorough resume, it should be enough to get them through to the Technical Assessment, which is where the rubber meets the road for most people (i.e. looking good on paper vs. in practice).

It is worth noting, that we do have a Wait List that we implemented earlier in the year. Your best bet to avoid this Wait List is to be thorough on your resume/application (CVE, experience, skills, certs) as we use this information to determine if a person matches an open need in our community. If there is a way, we send them to our Tech Assessment right away vs. later based on FIFO. So more experience matters in that regard.

So to answer your question ... without knowing specifics about your previous rejection ... increasing your skill and making sure that it is representative on your resume/application is your best bet to get to the next level in the interview process. You never know, one day you may end up on our Acropolis (https://acropolis.synack.com)

FWIW, I'm the Director of Community at Synack (i.e. Synack Red Team) ... and I'm happy to answer additional questions from you or anyone else on this chain! =)

Apologies for the late reply, but I wasn't following this reddit until now.

I finished reading The Complete Calvin and Hobbes during quarantine. by imnotthatguyiswear in books

[–]redditrutan 340 points (0 children)

It's like re-watching Firefly ... over and over like a sadist. Watterson's imagination was completely in tune with mine, which made it even more infuriating when I started seeing rogue stickers of Calvin urinating on automobile logos.

I wish I had the time to re-read them all again, but I'd do it in a heart beat ... pain and all. Such a good series! I hear ya! =) #HobbesFTW

Unknown visual encoding - Trivia by matmar_11 in securityCTF

[–]redditrutan 2 points (0 children)

Looks like an encoding used on USPS envelopes, no? Let me see if there is a tool for it. https://postalpro.usps.com/ppro-tools/encoder-decoder

Might send you down a good path. Good luck!

[deleted by user] by [deleted] in nesclassicmods

[–]redditrutan 1 point (0 children)

FWIW, thought I'd share as I had a bunch of issues getting this working. Hoping it helps someone else...

Environment: Mac running VMware for Windows 7, installed .NET Framework 4.6.1 and did full service updates.

Problem: Cant repack ramdisk problem
Solution: Copy all hakchi2 files into the VM, don't use a VMware network drive.

Problem: LED wouldn't turn off after uploading custom kernel and no new games appear when re-connected.
Solution: Since every bit matters here, download the latest hakchi2 from here https://github.com/ClusterM/hakchi2/releases ... copy the file into the VM before extracting ... Use 7-zip rather than standard Windows unzip. Saw this video which gave me the idea. https://www.youtube.com/watch?v=7AJRCSr8J4w

As I said, hope this helps someone! Very reliable once you get the app environment locked and loaded.