Black Cell SecOps 2024 - Online Blue Teaming Jeopa
Our event will feature an online Jeopardy-style contest where participants can test their cybersecurity skills and compete for prizes. The CTF will be hosted in a Microsoft Azure cloud environment, where participants’ forensic investigation skills and Microsoft Sentinel knowledge will be put to the test. Participants will be provided with a disk image containing forensics tools and data exports (PCAPs, memory images, disk images, etc.) collected from compromised infrastructure. Additionally, participants will be given access to a Microsoft Sentinel instance that also contains a variety of logs from the compromised infrastructure. Using these tools and data sources, contestants will need to find flags and build a timeline of the attackers’ actions…
ACME is a small company with 5-10 employees working in the financial services sector. They operate a hybrid infrastructure with some resources in the cloud and some on-premises. Notably, cybersecurity was never a high priority at the company, and they do not follow any on-premises or cloud security frameworks. A few weeks ago, they suffered a ransomware attack that left their infrastructure in shambles. The IT person at the company attempted to investigate the root cause of the attack but found themselves in over their head. The IT person has provided you with a few data files that they collected during their failed investigation (VM images, PCAPs, memory images, etc.) and has also given you access to their security tools. Using these tools, build a timeline of the attacker’s actions and identify the traces they have left behind.
Registration: on our site: SecOps ’24 - Black Cell