The #GrouponU Blog is back for 2016! We’ll regularly feature a Groupon intern or recent college grad telling you about their experience tackling challenging problems and working with our teams.
Who are you?
Abby: Hi! My name is Abby Grobbel and I am interning with Groupon this summer! I will be a senior at the University of Michigan. I am studying computer science engineering with a minor in German language.
Jinting: Hey! My name is Jinting Hayter. I am also a senior Computer Science student at the University of Michigan. This summer, Abby and I are on the Application Security (AppSec) team in Chicago.
Tell us about your team!
Abby: The AppSec team focuses on reviewing code and conducting tests on Groupon’s site to ensure secure implementation, as well as handling security threats and researching better ways to implement security. AppSec communicates with the rest of the engineering teams throughout development.
Jinting: I couldn’t have said it better myself. You might not typically hear that much about the security teams within Groupon, but we’re here and we’re important! There’s also this thing called ‘Red Team,’ which is where the security team does penetration testing and tries to exploit security flaws in Groupon’s website. Abby and I have been familiarizing ourselves with some hacking techniques over the past couple weeks in preparation for that.
What are you working on this summer?
Abby: I’ve been involved in building a web application to manage the security status of all of Groupon’s internal applications. Rather than manually sorting through over 500 applications, it gathers data from Groupon’s central repository and presents the team the most crucial applications that need security audits. Each application can be ‘grabbed’ by a member of the application security team and when the security check is done, marked as secure. Not only does this streamline the workflow for performing security audits within Groupon, it also allows the team to better visualize the scope of all vulnerable applications within Groupon and the team’s progress over time. It integrates a few different tools the team currently relies on, primarily a tool called Codeburner, which runs each application through a pipeline of tools to reveal security risks. Beyond just this project, discussing ways to remediate vulnerabilities and being included in the team’s discussions of new ways to improve security has been a great learning experience.
Jinting: I’ve also been working on the project Abby described in detail above. My role has been primarily integrating Codeburner into the dashboard, receiving burn data for a given service and sending it to get scanned for vulnerabilities by the Codeburner application. Another really cool project I’m starting to get involved with is the Groupon Online Defense dashboard. Very simply, Groupon Online Defense manages web traffic to identify abusive actors by IP address. The dashboard is actually only one of three parts that make up the system – the other two parts being Behavioral Modeling and Repsheet. AppSec is mainly responsible for maintaining the dashboard, the UI component of the system, which allows users to view the status of the system in addition to manually submitting actions. It’s a very sophisticated and complex piece of software and I’m super excited that I have been given the opportunity to work on it!
What is it like working at Groupon?
Abby: So far everyone at Groupon has been extremely welcoming and willing to offer help and guidance when I need it. The quirky atmosphere makes coming to work everyday exciting and all the different events for engineers throughout the week definitely encourage a learning environment. It’s amazing being able to work for a company which consistently invests in the development of its employees.
Jinting: Ditto to what Abby said. Working at Groupon has been really awesome so far! Everyone has such a great attitude all the time and treats the interns like they would treat anyone else who works at Groupon, nothing less. I really enjoy working with my team as well. We all have great chemistry and help each other out when we see each other struggling, all while making sure we’re still having fun and not taking things too seriously!
Any highlights this summer?
Abby: For me, my summer highlights have been our architectural boat cruise of downtown chicago, attending the Pride Parade with Groupon’s float, and enjoying the many amazing places to eat in the city with the Groupon Chicago tech interns.
Jinting: So many! Getting to know the other interns and goofing around in the city has been really fun. Just a couple days ago, a bunch of us went to Taste of Chicago, and a couple weeks ago, we marched in the Pride Parade. P.S. 10/10, highly recommend. It was truly an amazing experience.
I recently started a program with the mission of getting the engineers in the Chicago office to get to know one another a bit more, in a casual setting. Essentially, teams are paired each week and are encouraged to grab lunch together, have interesting conversation, and maybe even learn a thing or two about how the other team operates. I was given the opportunity to pitch my idea to all the engineers at one of the weekly ‘Hello, Chicago!’ tech all hands meetings, and I got an overwhelmingly positive response. Over 24 teams have signed up so far! It began as a little idea, but with the help of my manager, I was able to reach out to the right people and the rest is history. My advice for future interns is just to be loud with your ideas and visions. You never know, it could really take off!