Cybersecurity experiences must be constant to be effective. Like gamers, security experts are curious, creative individuals with a penchant for problem solving; our industry never stops moving, and neither should your team’s skill levels.
Now more than ever organizations are facing a challenge to keep their employees motivated. Cybersecurity CTFs are the way to go: there are prizes, it's fun, and at the end of it, you gain kudos for getting the token first.
But how do you turn a CTF event into a learning experience? How can organizations benefit from CTF events and ingrain them in their cybersecurity strategy?
WEBINAR: Cybersecurity CTFs: The power of competition in building attack-ready humans
Join Kevin Breen, Max Vetter and Chris Pace on Thursday 11th February at 3PM GMT (10AM ET) for our webinar, and discover how you can tool up your team with a hacker mindset.
Immersive Labs CTF labs: KWEEN Series
Kween Industries is a fictional US-based oil and gas company that needs to know if its network is secure. In this series the user will assume the role of a red team pentester, to identify flaws in the system, and a blue team defender, to pinpoint how the company was attacked. Most of the vulnerabilities in this series are derived from a real-life penetration test, making the exercises as realistic as possible.
These labs tie into our core values of equipping and exercising; they will prepare your teams to respond efficiently when a real breach occurs.
As a red team pentester, the user will traverse eight labs of increasing difficulty as they attempt to hack Kween’s systems. To succeed they must break the network perimeter and own the first environment before moving to the second and taking control of the PLC. The series will test users on crucial skills including hacking infrastructure, web hacking, active directory, binary exploitation and scripting.
On the blue side, the user will perform a basic investigation on behalf of Kween Industries, which is believed to have been compromised. Over the course of eight parallel labs, they must learn about the attackers’ tools and techniques and identify which machines and user accounts were targeted. Using various established industry tools, the user must execute tasks such as network traffic analysis, memory and disk-based forensics, and malware analysis. They will also be exposed to key infrastructure including proxy servers, workstations, and domain controllers.
These labs are opposite sides of the same coin; while the red team labs aim to utilize and explore vital MITRE techniques, the blue team labs focus on identifying a technique that has been employed against an organization. To complete the challenge the user must demonstrate cyber nous, creativity, and perseverance.
Accessing the KWEEN series
28 January 2021