Blog: SANS Penetration Testing

Blog: SANS Penetration Testing

SANS Keynote Preso: Put Your Game Face On

By Ed Skoudis

Last night, I presented a new talk at a keynote session for the SANS Cyber Defense Initiative conference. My goodness, was I excited, as the topic is something that has been very near and dear to my heart for the past 15 years. The talk was all about how info sec professionals can use challenges to develop their skills and careers, including Capture the Flag games, as well as a whole bunch of other challenge types. We touched on topics such as gamification, challenge designs, and a sampling of some really great free challenges available to everyone on the Internet. Here is a slide from the talk discussing some of the stuff we're thinking about and working on at Counter Hack Challenges:


Here is the overall description of the talk:

Put Your Game Face On: Using InfoSec Challenges to Build Your Skills and Career
- Ed Skoudis, SANS Institute Fellow

There are a multitude of info sec challenges available today, letting info sec pros evaluate and build their skills in a fun and exciting way.

Going beyond traditional lecture and exercise-based learning, some challenges are fantastic, while other sadly stink up the place. Some focus on tried-and-true formats such as Capture the Flag hacking competitions, while others push the envelope in structure, topic, and style, providing fertile environments for forensics experts, auditors, and secure software developers. What makes for a good challenge? What are some of the best ones freely available today? How can info sec pros use challenges to better their skills and improve their careers? In this lively presentation, Ed Skoudis, no stranger to playing or writing info sec challenges, will address these topics and more in a fun, interactive session. Whether you are interested in being a challenge participant who gets real value, or want to start authoring your own challenges, you won't want to miss this session!

Feel free to download my slides here (Put Your Game Face On), and please make sure to check out the last 5 slides or so, where I provide an inventory of available free Capture the Flag and other info sec challenges available on the Internet.

Last night was the debut of the talk. I'll be presenting updated versions of it again at SANS New Orleans Jan 19-24 and SANS Orlando March 25-30. W00t!

4 Comments

Posted December 10, 2011 at 1:55 PM | Permalink | Reply

Patrick

Awesome, many thanks for posting your talk from last night.

Posted December 11, 2011 at 11:31 AM | Permalink | Reply

Ed

Thanks! I had a wonderful time presenting this. The folks in the room asked some great questions.

Posted December 14, 2011 at 5:02 PM | Permalink | Reply

Matt

Great slide deck, Ed! I wish I was there for the talk. I particularly like slide 10 regarding perceptions of completing real-world "challenges". This really sheds light on why I see a lot of complacency in this field. People hit a problem where they don't consider themselves proficient and just shrug it off claim that it's impossible. CTFs are a great way to overcome your fears, learn a lot, and have fun while you're at it.

Also, I highly recommend exploit-exercises.com for anyone interested in reverse engineering and exploit development. :D

Posted September 25, 2014 at 11:31 AM | Permalink | Reply

hack for Brave Trials

Unquestionably believe that which you said. Your favorite
reason seemed to be on the net the easiest thing to be aware of.
I say to you, I certainly get irked while people consider worries
that they plainly do not know about. You managed to hit the nail upon the top and also defined
out the whole thing without having side-effects , people can take a signal.

Will likely be back to get more. Thanks

Post a Comment






Captcha

* Indicates a required field.