From NSO Group Hacker to Web3 Security Researcher: An Interview with Trust

An interview with Trust, ex-NSO Group hacker turned web3 bounty hunter and independent security researcher. In just under a year, Trust has rocketed to the top of the code4rena leaderboard, and has made waves on both code4rena and Immunefi.

In this conversation, we delve into Trust's background as an exploit developer at NSO Group, and learn more about his decision to leave and pursue a career in web3 security. Trust discusses his work performing audits on code4rena, participating in bug bounties on Immunefi, and shares with us his methodology and mindset around bounty hunting and security research.

Contact Trust:
https://twitter.com/trust__90
https://www.trustindistrust.com/

Links:
https://code4rena.com/
https://immunefi.com/

OUTLINE:
00:00 - Intro
2:49 - Israel Defense Forces
10:16 - Experience as an Exploit Dev
20:25 - Working at NSO Group
29:16 - Switching to web3 security
38:16 - Traditional (web2) Bug Bounties
41:08 - Web3 Learning Resources
47:29 - Audit Methodology
1:02:10 - Auditing on code4rena
1:07:14 - Audit Methodology cont.
1:13:25 - Bounty Hunting on Immunefi
1:24:02 - Becoming a Judge on code4rena
1:28:20 - Trust Security: Private Audits
1:37:51 - Getting a job VS being an independent security researcher
1:39:56 - Web2 or Web3 as a career for 2023
1:42:08 - ChatGPT for auditors
1:48:28 - ZK auditing
1:51:33 - Future of smart contract auditing