- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
This blog written by by Sasha Sokolovich.
Does the game of capture the flag bring back childhood memories?
Well, we have infused the fun element of the game into our capture the flag (CTF) content packs which take you on an interactive “treasure hunt” in Cortex XSOAR.
CTF challenges are cybersecurity competitions where participants tackle hands-on tasks, solving security-related puzzles and navigating through simulated scenarios to capture "flags." These flags represent sensitive information, and these exercises allow participants to showcase their prowess in areas like penetration testing, cryptography, and incident response.
CTFs can bridge the gap between theory and practice. Participants not only learn about cybersecurity concepts but also apply that knowledge to solve intricate problems. This approach cultivates problem-solving skills, critical thinking, and adaptability – crucial attributes in the ever-evolving field of cybersecurity.
In this case, participants explore Cortex XSOAR as security analysts investigate and respond to an incident.
Since XSOAR delivers SecOps automation through its playbooks, which are automated sequences orchestrating security processes, we built these CTFs using playbooks. As participants navigate through the CTFs and tasks that mirror the complexity of real-world incident investigations, they will understand the underlying structure and components associated with building automated workflows. The modular and extensible nature of XSOAR playbooks empowers users to tailor challenges to specific learning objectives.
Each CTF content pack comes with a playbook guiding you through setting up the CTF for your participants. This playbook ensures that your environment has all the requirements enabled to run your CTF.
Our CTF contains two different challenges:
First, you need to download the Capture The Flag 01 pack. In this pack, you will find the following playbook that will assist you in preparing your environment and setting up. The playbook name is - “Prepare your CTF”
You may run it as an incident or directly from the Playbook debugger section
The playbook will guide you through the setup tasks, including integrations and other settings required. In the example shown below, two missing integrations need to be enabled. You need to navigate to your integration tab in XSOAR to configure the integrations.
The end goal is to run this playbook without any stops or errors until you reach the final task which informs you that you are set.
To start interacting with the CTF, run the first CTF playbook by creating a new incident with the following playbooks - “CTF 1 - Get to know XSOAR 8”.
As a part of the game, participants will be required to search for clues (or flags) throughout XSOAR (such as in integration settings, reports, or playbooks). They will answer a series of questions related to their quest and the playbooks will prompt them with the correct answers.
If a participant gets stuck on a specific task, they can use the hint option to get a quick hint about the flag. If their answer is incorrect, they can re-run the task and check their answer as many times as they like - although this being a competition, there is a timer to determine who is the fastest at retrieving all the clues or flags.
The pack allows you to run this game for multiple users on the same tenant while providing a dashboard where you can see their progress.
Using this dashboard, you can track who finished the CTF and sort it by completion time (to determine the winner of the game). Note: An SLA timer starts when an incident is triggered.
Interested in trying it for yourself? Join us for a free CTF event and pit your skills against your peers while learning how a SOAR solution automates the incident response process.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Subject | Likes |
---|---|
2 Likes | |
1 Like | |
1 Like | |
1 Like | |
1 Like |
User | Likes Count |
---|---|
3 | |
2 | |
2 | |
1 | |
1 |