A recruitment of attackers and defenders to participate in The Standoff cyber battle on Positive Hack Days is open
Cyber training begins on May 18 at the training ground The standoff, which this year will become a full partner of the forum Positive Hack Days 10 (will take place on May 20 and 21). With less and less time left before both events, we are pleased to announce that we have opened a set of attacking and defensive teams that will fight each other in the metropolis.
What is The Standoff
The Standoff is a cyber polygon. A tool with which we simulate technological processes and business systems of real companies in industry, transport, energy, financial and other sectors. The task of the polygon is to create an environment in which you can:
carry out real hacker attacks on the enterprise infrastructure;
detect weaknesses in the information security system;
test and practice the skills of specialists in detecting and preventing attacks.
Information security specialists at the training ground study the methods of attackers and train in investigating and repelling attacks. The proving ground allows defenders to gain experience in a few days, which under normal conditions is difficult to acquire even after years of work.
For several years, The Standoff training ground has been deployed as part of PHDays. Last year cyber training has become an independent eventthat can exist in partnership with other activities (such as this was the case with HITB). Several dozen teams are expected to face off in a cyber battle in May, and we invite you to take part.
Like last year, The Standoff at PHDays will take place online. Most of the infrastructure of the cyber landfill will already be familiar to many participants: oil, gas? energy and other companies. However, we will add new infrastructure facilities with their own business processes and risks. Which ones are still a secret 🙂 The polygon will become larger, the technologies used in it will be more powerful, and the competition will be even more practical and close to reality.
Who are we waiting for
We are glad not only to those who have been participating for many years, but also to those who want to try their hand for the first time. However, our audience is mostly experienced specialists who have been involved in penetration testing and security analysis for a long time and know firsthand what JNDI, XXE OOB and xp_cmdshell are.
For the attack team, participation in The Standoff is an excellent opportunity to show and prove to the whole world how ready the team is to solve the most complex practical information security problems that are relevant to business, and to demonstrate how good the team’s skills in pentesting are.
The Standoff rules are such that the number of participants in one attacking team is limited by the width of the channel, but the organizers note that for the most comfortable participation in cyber training, the number of participants should not exceed 10 people.
The terms of cyber training at The Standoff are designed to make it as close to reality as possible and to increase the practical applicability of its results. In particular, we focused both attackers and defenders on the risks of digital twins of real objects, and not just on some “flags”, as is implemented, for example, in all familiar CTFs. Our digital copy of the metropolis is waiting for those who can detect the attackers in their desire to implement some kind of accident. At the same time, one of the key requirements for defenders is to have a full-fledged well-coordinated team.
At the same time, for the defense teams, it is not necessary to have experience in those industries, the objects of which are present at the test site. The most important thing is to have the skills of identifying and investigating incidents, then participation in The Standoff will allow you to “pump” them even more and then effectively apply them in daily work.
In order to take part in The Standoff, teams just need to send applications:
attack teams can fill out an application online until April 30;
defense teams can send their applications to the organizers by e-mail (email@example.com) until April 17.
You can also find out the details of The Standoff first-hand online in the telegram chat of the event – https://t.me/TheStandoff – stay in touch with us!
See you at PHDays and The Standoff! ..