Welcome!

@DevOpsSummit Authors: Liz McMillan, Yeshim Deniz, Elizabeth White, Pat Romanski, Zakia Bouachraoui

News Feed Item

Lastline Sponsors International Capture the Flag IT Security Exercise and “White Hat Hacker” Competition on Friday December 4, 2015

Advanced malware protection provider Lastline™ is delighted to announce its sponsorship and support of the UC Santa Barbara International Capture The Flag (iCTF) competition taking place this Friday, December 4 beginning at 9 a.m. PST (see registration information below). The iCTF competition is a distributed, wide-area security exercise conducted to test and sharpen the security skills of the participants, with multiple cash prizes on the line.

The iCTF is the world's longest-running educational hacking competition which integrates both attack and defense security aspects in a live setting. The contest is organized by Professor Giovanni Vigna of the Department of Computer Science at UCSB and Lastline Co-founder/CTO, together with Shellphish, the well-known UCSB Security Lab hacking team. The popular event is held annually over an eight hour day, and draws participants from around the world. The UCSB Capture The Flag event features a multi-site, multi-team hacking contest in which several teams compete independently against each other.

“This is not only a great event to test participants on their security expertise, it’s a lot of fun to participate and watch teams compete,” said Vigna. “We’re testing security skills, teamwork and creative spirit.”

Each team maintains a set of services that must remain available and uncompromised throughout the contest, while simultaneously trying to compromise other teams' services. Each team receives an identical copy of the virtual host containing the vulnerable services, and must find and fix vulnerabilities in their copy of the hosts without disrupting the services. Teams also use their knowledge about these vulnerabilities to compromise the servers being run by other teams. In compromising a service, the winning team can bypass the service's security mechanisms and "capture the flag" associated with that service.

The UCSB iCTF competition has evolved from a number of previous security "live exercises" that were carried out locally at UCSB, in 2001 and 2002. In 2004, the UCSB iCTF evolved into an international exercise and featured teams from the United States and Europe. Since then, the iCTF has gone through 12 editions (one every year) with more teams and innovative designs each year.

This year’s new twist is that the teams are required to provide one of the vulnerable services in order to participate. This results in a “crowdsourced evil” effect, in which, in addition to the attack and defense skills of the teams, the participants’ creativity is put to the test.

Those interested in registering or more information can contact Dr. Vigna directly:

Cash Prizes

The winner of the competition will receive a $500 US cash prize. An additional $500 cash prize will be awarded to the “best service.” The best service is voted by the teams themselves at the end of the competition. An additional $500 prize for “best dashboard” will also be awarded. During the competition, the organizers will review each dashboard and vote for the best submission.

All prizes are sponsored by the Shellphish team itself.

About Dr. Vigna

Dr. Giovanni Vigna has been researching and developing security technology for more than 20 years, working on malware analysis, web security, vulnerability assessment, and intrusion detection. In addition to his roles as Professor in the Department of Computer Science at the University of California in Santa Barbara and as the director of the Center for CyberSecurity at UCSB, Dr. Vigna serves as Lastline’s co-founder and CTO. He is the organizer of the iCTF, the world's largest educational capture the flag competition. He is also the leader of the Shellphish team, which is the longest-running DefCon CTF team. The Shellphish team recently qualified in the DARPA Cyber Grand Challenge (CGC) and will play the final CGC competition at DefCon 2016.

About Lastline

Lastline is innovating the way companies detect active breaches caused by advanced persistent threats, targeted attacks and evasive malware. Lastline’s open architecture integrates advanced threat defenses and intelligence into existing operational workflows and security systems. Inspection of suspicious objects occurs at scale in real-time using a full-system emulation approach to sandboxing that is superior to virtual machine-based and OS emulation techniques. Lastline's technology correlates network and object analysis to achieve timely breach confirmation and incident response. Lastline was built by Anubis and Wepawet researchers and industry veterans with decades of experience focused specifically on advanced breach weaponry and tactics.

Headquartered in Redwood City, California with offices throughout North America, Europe and Asia, Lastline’s platform is used by global managed security service providers, Global 2000 enterprises and leading security vendors worldwide. To learn more, visit www.lastline.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@DevOpsSummit Stories
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
In this presentation, you will learn first hand what works and what doesn't while architecting and deploying OpenStack. Some of the topics will include:- best practices for creating repeatable deployments of OpenStack- multi-site considerations- how to customize OpenStack to integrate with your existing systems and security best practices.
Most DevOps journeys involve several phases of maturity. Research shows that the inflection point where organizations begin to see maximum value is when they implement tight integration deploying their code to their infrastructure. Success at this level is the last barrier to at-will deployment. Storage, for instance, is more capable than where we read and write data. In his session at @DevOpsSummit at 20th Cloud Expo, Josh Atwell, a Developer Advocate for NetApp, will discuss the role and value extensible storage infrastructure has in accelerating software development activities, improve code quality, reveal multiple deployment options through automated testing, and support continuous integration efforts. All this will be described using tools common in DevOps organizations.
Modern software design has fundamentally changed how we manage applications, causing many to turn to containers as the new virtual machine for resource management. As container adoption grows beyond stateless applications to stateful workloads, the need for persistent storage is foundational - something customers routinely cite as a top pain point. In his session at @DevOpsSummit at 21st Cloud Expo, Bill Borsari, Head of Systems Engineering at Datera, explored how organizations can reap the benefits of the cloud without losing performance as containers become the new paradigm.
The current age of digital transformation means that IT organizations must adapt their toolset to cover all digital experiences, beyond just the end users’. Today’s businesses can no longer focus solely on the digital interactions they manage with employees or customers; they must now contend with non-traditional factors. Whether it's the power of brand to make or break a company, the need to monitor across all locations 24/7, or the ability to proactively resolve issues, companies must adapt to the new world.