Posts tagged "CTF"

Adobe & Splunk CTF Competition

A hallmark of an engaged team is continuous learning and improvement, and this is no different for a SOC (Security Operations Center) team. We believe that readiness is a key aspect of learning and improving, and that readiness is critical for a SOC team’s success. Capture the Flag (CTF) events are one of the best ways that a SOC can remain sharp. We strive to do as many of these as we reasonably can each year.

On Thursday, January 18, 2018, Adobe, in conjunction with Splunk Inc., sponsored a Boss of the SOC (BOTS) competition. The BOTS competition is a Blue Team-focused Capture the Flag (CTF) style competition where contestants play the part of a Security Operations Center analyst. Teams are presented with various questions about multiple security-related scenarios. Some are easy. Some are hard. The teams use a Splunk Search Server, background information, and external sources to answer the questions as quickly and accurately as they can. The contestant with the most points at the end of the competition wins.

The Adobe Security Coordination Center and several industry partners joined forces, divided into several different teams, and worked together to test out security skills that included reverse engineering malware, identifying data exfiltration behaviors, and identifying malicious user activity. Each team played the role of security analysts helping a home brewing supply company work through some major incidents it had experienced. The competition used realistic data in Splunk, Splunk Enterprise Security and the wild, wild web, with teams racing against the clock to identify the who, the how and the where of a full forensic investigation. Teams were given a series of questions of varying types and degrees of difficulty and received more points if they answered quickly. And the harder the question, the more points awarded.

The stellar effort by all teams involved made this event a hugely successful competition. This was a great learning experience for everyone involved. We would like to extend warm congratulations to the winning team, which consisted of members of our Adobe team and our industry partners, on an amazing performance! We had 48 participants from 5 organizations attend the event and sincerely thank Splunk Inc. for their efforts in supporting the event for us.

Joseph Davidson
Sr. Manager, Security Monitoring

The Adobe Team Reigns Again at the Winja CTF Competition

Nishtha Behal from our corporate security team in Noida, India, was the winner of the recent Winja Capture the Flag (CTF) competition hosted at the NullCon Goa security conference. The Winja CTF this year consisted of a set of simulated hacking challenges relating to “Web Security”. The winning prize was a scholarship from The SANS Institute for security training courses. The competition saw great participation, with almost 60 women coming together to challenge their knowledge of the security domain. The contest is organized as a set of rounds of increasing difficulty. It began with teams of two or three women solving the challenges. The first round consisted of multiple choice questions aimed at testing the participants’ knowledge in different areas of web application security. The second round consisted of six problems, each of which presented a mini web application; the participants’ task was to identify the single most vulnerable snippet of the code and name the vulnerability that could be exploited. The final challenges pitted the members of winning teams against each other to determine the individual winner. We would like to congratulate Nishtha on this well-deserved win! This marks the second year in a row that some of our participating Adobe team members have won this competition.

Adobe is an ongoing proud supporter of events and activities encouraging women to pursue careers in cybersecurity. We are also sponsoring the upcoming Women in Cybersecurity conference March 31st to April 1st in Tucson, Arizona. Members of our security team will be there at the conference. If you are attending, please take the time to meet and network with them. We also work with and sponsor many other important programs to encourage more women to enter the technology field including Girls Who Code and the Executive Women’s Forum.

David Lenoe
Director, Product Security

Adobe Security Team Members Win Recent CTF Competition

Kriti and Abhiruchi from our corporate security team in Noida, India, were crowned the winners of the recent Winja Capture the Flag (CTF) competition hosted at the NullCon Goa security conference. Twelve (12) teams competed in this year’s contest. We would like to congratulate Kriti and Abhiruchi on their win. Adobe is an ongoing sponsor of the Nullcon conference. This competition was created by women to encourage their peers to enter the field of cybersecurity. It is a complete set of simulated web application security hacking challenges. Each challenge is separated into small tasks that can be solved individually by the competitors on each team. Each team works through the timed two (2) hour duration of the event in an attempt to attack and defend the computers and networks using prescribed tools and network structures.

Adobe is a proud supporter of events and activities encouraging women to pursue careers in cybersecurity. We are also sponsoring the upcoming Women in Cybersecurity conference March 31st to April 2nd in Dallas, Texas. Members of our security team will be there at the conference. If you are attending, please take the time to meet and network with them.

David Lenoe
Director, Product Security

Building Relationships and Learning at Black Hat and DEF CON

Adobe attends Black Hat in Las Vegas each year and this year was no exception. The Adobe security team as well as several security champions from Adobe’s product teams attended Black Hat, and a few stayed on for DEF CON too. What follows are the experiences and takeaways of Rajat and Karthik, security researchers on ASSET, from Black Hat and DEF CON 2014.

Security is often characterized as a dichotomy between “breaking” and “building”. Presentations at Black Hat and DEF CON are no exception – focused on these categories as a result of the approach that hackers take towards their research. For example, Charlie Miller and Chris Valasek’s “A Survey of Remote Automotive Attack Surfaces” was a memorable talk in the breaking-security category, where they disassembled the onboard computers in over twenty commercial cars and analyzed ways to remotely control them. It was refreshing to take a step back and observe that security scrutiny can be brought to bear on all engineering design, not just software design.

In the building-security category, we appreciated the format of the various roundtables at Black Hat because they mirrored many of the themes of security conversations across Adobe. For example, we found the roundtable discussions on API Security and Continuous Integration and Deployment to be valuable lessons for our researchers and security champions. At DEF CON, we came across DemonSaw, a new tool that lets you securely share files in a peer-to-peer network without requiring cloud storage. We found it to be an impressive implementation of cryptography fundamentals to meet security and privacy needs.

We noticed a gradual shift in the focus of the talks from last year, in that more hackers are going after hosted services and mobile/embedded applications. This gave Adobe security champions the opportunity to see how hackers adapt to changes in the industry and to get an attacker’s perspective on compromising applications that may be similar to our own. Oftentimes security champions had to strike a balance between talks that apply to their day-to-day work, like Alex Stamos’ Building Safe Systems at Scale, and talks that were interesting given their impact on the industry, for example the talk about BadUSB. We also saw the recurring theme that each year the security community finds more serious vulnerabilities than the last, as a result of new products and platforms flooding the market. It was a reminder that with the universal growth of technology there’s a need for deeper investment in security.

Adobe-hosted event at the Cosmopolitan’s Chandelier Bar on August 7th.

Black Hat and DEF CON offer much more than the presentations and trainings. The Black Hat Arsenal showcased cutting-edge security research, with prototypes of packet-capturing drones and tools that harvest information from various embedded devices. Most of the tools on display were open-source and it was great to see research shared in the security community. The Vendor Expo was an expansive mix of large companies promoting their product suites, along with newcomers exploring niche problems such as log mining, threat intelligence, and biometric security. No DEF CON conference is complete without a Capture the Flag (CTF) event, which is a place for professionals, or hobbyists, to build their skills and compete with each other in solving real-world challenges related to forensics and Web exploitation. This year’s competition was won by PPP.

It was evident that Black Hat and DEF CON have steadily grown in popularity. For the first time at Black Hat we were standing in line to enter briefings. The size and scale of these events keep increasing, which is a testament to the expanding influence of security in technology and business. Despite the growth, the atmosphere at Black Hat and DEF CON remains collegial. Meeting and talking with people about the challenges we all face always makes for a valuable learning experience.

Karthik Raman, Security Researcher
Rajat Shah, Security Researcher