
OpenSEC Blue Team CTF at DEF CON 27



    Open from 8/8 @ 10:00 -> 8/11 @ 12:00

    OpenSOC is a Digital Forensics, Incident Response (DFIR), and Threat Hunting challenge meant to teach and test practical incident response skills in an environment that closely resembles a real enterprise network. This virtual environment is a scaled-down version of what you would find in an enterprise network, including: workstations, servers, firewalls, email, web browsing, user activity, etc. Simulated users are browsing the Internet, downloading files, watching videos, and accessing LAN resources. This creates a high-fidelity training environment for unleashing real-world attacks and testing a responder’s ability to filter out the noise and find malicious activity on the network.

    This isn’t just another CTF. We’ve built this platform to train real-world responders to handle real-world situations. What’s even better? 100% of the security tools demonstrated on OpenSOC are FREE and OPEN SOURCE! These projects include Wazuh + ossec, Kolide + osquery, Suricata, Snort, Moloch, OPNsense, pfSense and Graylog bringing it all together in an awesome way.

    The Challenge:
    • Given an initial IOC (indicator of compromise, or pivot point), identify attacks that are being carried out against and within the enterprise environment.
    • Trace the attackers throughout the kill chain, submitting key IOCs and observables to the scoreboard as you reveal their tactics.
    • Reverse engineer any artifacts connected to hostile activities.
    • Perform forensics analysis on PCAPs (Packet Captures), memory images, etc.
    • Win awesome prizes, learn new skills, and get experience with some of the best OPEN SOURCE tools for SecOps!
    PGP Key: