Welcome the OpenSEC Blue Team CTF to DEF CON Safe Mode!




    OpenSOC is a Digital Forensics, Incident Response (DFIR), and Threat Hunting challenge meant to teach and test practical incident response skills in an environment that closely resembles a real enterprise network.

    This virtual environment is representative of what you would find in an enterprise network, including: workstations, servers, firewalls, email, web browsing, user activity, etc. Simulated users are browsing the Internet, downloading files, watching videos, and accessing LAN resources. This creates a high-fidelity training environment for unleashing real-world attacks and testing responders’ abilities to filter and detect malicious activity on the network.

    This isn’t just another CTF. We’ve built this platform to train real-world responders to handle real-world situations, and each year we incorporate new scenarios that are modeled after threat actors and breaches experienced by the OpenSOC team. From APT attacks using 0-days and heavily weaponized shellcode to sneaky lateral movement and exfiltration techniques, we expose contestants to a wide range of techniques that we see actively used in the wild. We encourage team participation, and always have folks on hand to assist those just getting started out. Even better - 100% of the security tools demonstrated within OpenSOC are Free and/or Open Source!

    These projects include Velociraptor, Sysmon, osquery, Suricata, Moloch, pfSense and Graylog + ELK bringing it all together in an awesome way. This allows our contestants to not only have fun at DEF CON, but also learn skills and tools they can take back to work on Monday.

    The Challenge:

    • Given an initial IOC (indicator of compromise), identify attacks that are being carried out against and within the enterprise environment, pivoting between key artifacts.
    • Trace the attackers throughout the kill chain, submitting key IOCs and observables to the scoreboard as you reveal their tactics.
    • Reverse engineer any artifacts connected to hostile activities.
    • Perform forensics analysis on PCAPs (Packet Captures), memory images, etc.
    • Win awesome prizes, learn new skills, and get experience with some of the best Open Source tools for SecOps!
    PGP key: dtangent@defcon.org valid 2020 Jan 15, to 2024 Jan 01 Fingerprint: BC5B CD9A C609 1B6B CD81 9636 D7C6 E96C FE66 156A
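The pivoting step of the challenge (start from one IOC, follow the artifacts it connects to up and down the process tree, collect the observables you find on the way) shown over constructed Sysmon-style events, as an added example that is not OpenSOC's own code. The event shapes use Sysmon field names, but every GUID, path, host and hash below is made up for the illustration.

```python
from collections import deque

# Constructed sample telemetry using Sysmon field names (EventID 1 = process create,
# 3 = network connection, 11 = file create); GUIDs, paths, hosts and the hash are fictitious.
EVENTS = [
    {"EventID": 1, "ProcessGuid": "{G-1}", "ParentProcessGuid": "{G-0}",
     "Image": r"C:\Windows\explorer.exe"},
    {"EventID": 1, "ProcessGuid": "{G-2}", "ParentProcessGuid": "{G-1}",
     "Image": r"C:\Program Files\Mail\mail.exe"},
    {"EventID": 11, "ProcessGuid": "{G-2}", "TargetFilename": r"C:\Users\a\Downloads\invoice.docm"},
    {"EventID": 1, "ProcessGuid": "{G-3}", "ParentProcessGuid": "{G-2}",
     "Image": r"C:\Program Files\Office\WINWORD.EXE", "Hashes": "SHA256=" + "ab" * 32},
    {"EventID": 1, "ProcessGuid": "{G-4}", "ParentProcessGuid": "{G-3}",
     "Image": r"C:\Windows\System32\cmd.exe"},
    {"EventID": 3, "ProcessGuid": "{G-4}", "DestinationIp": "203.0.113.7",
     "DestinationHostname": "updates.example-bad.test"},
    {"EventID": 3, "ProcessGuid": "{G-9}", "DestinationIp": "198.51.100.2",
     "DestinationHostname": "cdn.example.test"},  # unrelated traffic, must not be pulled in
]
OBSERVABLE_FIELDS = ("Image", "Hashes", "TargetFilename", "DestinationIp", "DestinationHostname")

def event_values(event):
    """Field values of an event, with the Sysmon 'Hashes' field (ALG=hex,...) split into bare hashes."""
    hashes = [p.split("=", 1)[-1] for p in event.get("Hashes", "").split(",")]
    return [v for f, v in event.items() if f != "Hashes"] + hashes

def pivot(events, seed):
    """From the seed IOC, walk the process tree up and down; return visited GUIDs and observables."""
    by_guid, parent, children = {}, {}, {}
    for e in events:
        by_guid.setdefault(e["ProcessGuid"], []).append(e)
        if e["EventID"] == 1:  # process-create events carry the parent/child edges
            parent[e["ProcessGuid"]] = e["ParentProcessGuid"]
            children.setdefault(e["ParentProcessGuid"], []).append(e["ProcessGuid"])
    # Seed: every process whose events mention the IOC in any field (or hash component)
    queue = deque(sorted({e["ProcessGuid"] for e in events if seed in event_values(e)}))
    seen, chain, observables = set(queue), [], {f: set() for f in OBSERVABLE_FIELDS}
    while queue:
        guid = queue.popleft()
        if guid in by_guid:
            chain.append(guid)
            for e in by_guid[guid]:
                for f in e.keys() & OBSERVABLE_FIELDS:
                    observables[f].add(e[f])
        for nxt in [parent.get(guid)] + children.get(guid, []):
            if nxt and nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return chain, observables
```

Seeding with the destination IP walks cmd.exe back through WINWORD.EXE and the mail client to explorer.exe and surfaces the dropped document and the binary hash as further observables, while the unrelated connection from process G-9 stays out of the result.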

  • #2
    Count me in!



    • #3
      This sounds very appealing, and lines up with my goals for the year. I would love to give this a shot.



      • #4
        Definitely down. The main attraction that I have been looking most towards.
