Welcome!

@DevOpsSummit Authors: Pat Romanski, Yeshim Deniz, James Carlini, Elizabeth White, Anders Wallgren

News Feed Item

Lastline Sponsors International Capture the Flag IT Security Exercise and “White Hat Hacker” Competition on Friday December 4, 2015

Advanced malware protection provider Lastline™ is delighted to announce its sponsorship and support of the UC Santa Barbara International Capture The Flag (iCTF) competition taking place this Friday, December 4 beginning at 9 a.m. PST (see registration information below). The iCTF competition is a distributed, wide-area security exercise conducted to test and sharpen the security skills of the participants, with multiple cash prizes on the line.

The iCTF is the world's longest-running educational hacking competition which integrates both attack and defense security aspects in a live setting. The contest is organized by Professor Giovanni Vigna of the Department of Computer Science at UCSB and Lastline Co-founder/CTO, together with Shellphish, the well-known UCSB Security Lab hacking team. The popular event is held annually over an eight hour day, and draws participants from around the world. The UCSB Capture The Flag event features a multi-site, multi-team hacking contest in which several teams compete independently against each other.

“This is not only a great event to test participants on their security expertise, it’s a lot of fun to participate and watch teams compete,” said Vigna. “We’re testing security skills, teamwork and creative spirit.”

Each team maintains a set of services that must remain available and uncompromised throughout the contest, while simultaneously trying to compromise other teams' services. Each team receives an identical copy of the virtual host containing the vulnerable services, and must find and fix vulnerabilities in their copy of the hosts without disrupting the services. Teams also use their knowledge about these vulnerabilities to compromise the servers being run by other teams. In compromising a service, the winning team can bypass the service's security mechanisms and "capture the flag" associated with that service.

The UCSB iCTF competition has evolved from a number of previous security "live exercises" that were carried out locally at UCSB, in 2001 and 2002. In 2004, the UCSB iCTF evolved into an international exercise and featured teams from the United States and Europe. Since then, the iCTF has gone through 12 editions (one every year) with more teams and innovative designs each year.

This year’s new twist is that the teams are required to provide one of the vulnerable services in order to participate. This results in a “crowdsourced evil” effect, in which, in addition to the attack and defense skills of the teams, the participants’ creativity is put to the test.

Those interested in registering or more information can contact Dr. Vigna directly:

Cash Prizes

The winner of the competition will receive a $500 US cash prize. An additional $500 cash prize will be awarded to the “best service.” The best service is voted by the teams themselves at the end of the competition. An additional $500 prize for “best dashboard” will also be awarded. During the competition, the organizers will review each dashboard and vote for the best submission.

All prizes are sponsored by the Shellphish team itself.

About Dr. Vigna

Dr. Giovanni Vigna has been researching and developing security technology for more than 20 years, working on malware analysis, web security, vulnerability assessment, and intrusion detection. In addition to his roles as Professor in the Department of Computer Science at the University of California in Santa Barbara and as the director of the Center for CyberSecurity at UCSB, Dr. Vigna serves as Lastline’s co-founder and CTO. He is the organizer of the iCTF, the world's largest educational capture the flag competition. He is also the leader of the Shellphish team, which is the longest-running DefCon CTF team. The Shellphish team recently qualified in the DARPA Cyber Grand Challenge (CGC) and will play the final CGC competition at DefCon 2016.

About Lastline

Lastline is innovating the way companies detect active breaches caused by advanced persistent threats, targeted attacks and evasive malware. Lastline’s open architecture integrates advanced threat defenses and intelligence into existing operational workflows and security systems. Inspection of suspicious objects occurs at scale in real-time using a full-system emulation approach to sandboxing that is superior to virtual machine-based and OS emulation techniques. Lastline's technology correlates network and object analysis to achieve timely breach confirmation and incident response. Lastline was built by Anubis and Wepawet researchers and industry veterans with decades of experience focused specifically on advanced breach weaponry and tactics.

Headquartered in Redwood City, California with offices throughout North America, Europe and Asia, Lastline’s platform is used by global managed security service providers, Global 2000 enterprises and leading security vendors worldwide. To learn more, visit www.lastline.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@DevOpsSummit Stories
ChatOps is an emerging topic that has led to the wide availability of integrations between group chat and various other tools/platforms. Currently, HipChat is an extremely powerful collaboration platform due to the various ChatOps integrations that are available. However, DevOps automation can involve orchestration and complex workflows. In his session at @DevOpsSummit at 20th Cloud Expo, Himanshu Chhetri, CTO at Addteq, will cover practical examples and use cases such as self-provisioning infrastructure/applications, self-remediation workflows, integrating monitoring and complimenting integrations between Atlassian tools and other top tools in the industry.
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting challenge of adapting related cloud strategies to ensure optimal alignment, from managing complexity to ensuring proper governance. How can culture, automation, legacy apps and even budget be reexamined to enable this ongoing shift within the modern software factory? In her Day 2 Keynote at @DevOpsSummit at 21st Cloud Expo, Aruna Ravichandran, VP, DevOps Solutions Marketing, CA Technologies, was joined by a panel of industry experts and real-world practitioners who shared their insight into an emerging set of best practices that lie at the heart of today's digital transformation.
While some developers care passionately about how data centers and clouds are architected, for most, it is only the end result that matters. To the majority of companies, technology exists to solve a business problem, and only delivers value when it is solving that problem. 2017 brings the mainstream adoption of containers for production workloads. In his session at 21st Cloud Expo, Ben McCormack, VP of Operations at Evernote, discussed how data centers of the future will be managed, how the public cloud best suits your organization, and what the future holds for operations and infrastructure engineers in a post-container world. Is a serverless world inevitable?
"Since we launched LinuxONE we learned a lot from our customers. More than anything what they responded to were some very unique security capabilities that we have," explained Mark Figley, Director of LinuxONE Offerings at IBM, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Is advanced scheduling in Kubernetes achievable?Yes, however, how do you properly accommodate every real-life scenario that a Kubernetes user might encounter? How do you leverage advanced scheduling techniques to shape and describe each scenario in easy-to-use rules and configurations? In his session at @DevOpsSummit at 21st Cloud Expo, Oleg Chunikhin, CTO at Kublr, answered these questions and demonstrated techniques for implementing advanced scheduling. For example, using spot instances and cost-effective resources on AWS, coupled with the ability to deliver a minimum set of functionalities that cover the majority of needs – without configuration complexity.