A hallmark of an engaged team is continuous learning and improvement. And this is no different for a SOC (Security Operations Center) team. We believe that readiness is a key aspect of learning and improving and readiness is critical for a SOC teams success. Capture the Flag (CTF) events are one of the best ways that a SOC can remain sharp. We strive to do as many of these as we reasonably can each year.
On Thursday, January 18, 2018, Adobe, in conjunction with Splunk Inc. sponsored a Boss of the SOC competition. The BOTS competition is a Blue Team-focused Capture the Flag (CTF) style competition where contestants play the part of a Security Operations Center analyst. Teams are presented with various questions about multiple security-related scenarios. Some are easy. Some are hard. The teams use a Splunk Search Server, background information, and external sources to answer the questions as quickly and accurately as they can. The contestant with the most points at the end of the competition wins.
The Adobe Security Coordination center and several industry partners joined forces, divided into several different teams, and worked together to test out security skills that included reverse engineering malware, identifying data exfiltration behaviors, and identifying malicious user activity. Each team played the role of security analysts helping a home brewing supply company work through some major incidents they have experienced. The competition used realistic data in Splunk, Splunk Enterprise Security and the wild, wild web, while racing against the clock to identify: the who, the how and the where of a full forensic investigation. Teams were given a series of questions with varying types and degrees of difficulty and received more points if answered quickly. And the harder the question, the more points awarded.
The stellar effort by all teams involved made this event a hugely successful competition. This was a great learning experience for everyone involved. We would like to extend warm congratulations to the winning team which consisted of members of our Adobe team and our industry partners with an amazing performance! We had 48 participants from 5 organizations attend the event and sincerely thank Splunk Inc. for their efforts in supporting the event for us.
Sr. Manager, Security Monitoring
Nishtha Behal from our corporate security team in Noida, India, was the winner of the recent Winja Capture the Flag (CTF) competition hosted at the NullCon Goa security conference. The Winja CTF this year comprised of a set of simulated hacking challenges relating to “Web Security”. The winning prize was a scholarship from The SANS Institute for security training courses. The competition saw great participation with almost 60 women coming together to challenge their knowledge of the security domain. The contest is organized as a set of rounds of increasing difficulty. It began with teams of two or three women solving the challenges. The first round comprised of multiple choice questions aimed at testing the participant’s knowledge in different areas of web application security. The second round comprised of six problems where each question comprised of a mini web application and the participant’s task was to identify the single most vulnerable snippet of the code and name the vulnerability that could be exploited. The final challenges pitted the members of winning teams against each other to determine the individual winner. We would like to congratulate Nishtha on this well-deserved win! This marks the second year in a row that some of our participating Adobe team members have won this competition.
Adobe is an ongoing proud supporter of events and activities encouraging women to pursue careers in cybersecurity. We are also sponsoring the upcoming Women in Cybersecurity conference March 31st to April 1st in Tucson, Arizona. Members of our security team will be there at the conference. If you are attending, please take the time to meet and network with them. We also work with and sponsor many other important programs to encourage more women to enter the technology field including Girls Who Code and the Executive Women’s Forum.
Director, Product Security
Kriti and Abhiruchi from our corporate security team in Noida, India, were crowned the winners of the recent Winja Capture the Flag (CTF) competition hosted at the NullCon Goa security conference. Twelve (12) teams competed in this year’s contest. We would like to congratulate Kriti and Abhiruchi on their win. Adobe is an ongoing sponsor of the Nullcon conference. This competition was created by women to encourage their peers to enter the field of cybersecurity. It is a complete set of simulated web application security hacking challenges. Each challenge is separated into small tasks that can be solved individually by the competitors on each team. Each team works through the timed two (2) hour duration of the event in an attempt to attack and defend the computers and networks using prescribed tools and network structures.
Adobe is a proud supporter of events and activities encouraging women to pursue careers in cybersecurity. We are also sponsoring the upcoming Women in Cybersecurity conference March 31st to April 2nd in Dallas, Texas. Members of our security team will be there at the conference. If you are attending, please take the time to meet and network with them.
Director, Product Security
Adobe Security Customers,
I wanted to be sure the group was aware of the 2008 MAX Awards. These customer recognition awards showcase some of our best customer projects developed around the globe over the past year.
This year we will award projects in 6 categories: Advertising & Branding, Enterprise, Mobility and Devices, Public Sector, Rich Internet Application, and Video. Most of our security nominations are typically in the Enterprise and Public Sector categories.
The top three finalists in each category will be invited to attend MAX North America in San Francisco, where we will announce the winner, as well as the People’s Choice award winner. All finalists will receive complimentary admission to MAX.
All submissions must be received online at by September 12th, 2008, so be sure to submit your Adobe Security project today! https://www.Adobemaxsubmission.com/submission
For more information or to see last year’s finalists and winners please Click Here