Learners teasers will be available at each ISSA meeting starting in August. These events will allow StormCTF to iron out bugs in the network, while showcasing what to expect from the CTF! They do not release competition challenges, but they do allow a competitor to get familiar with our infrastructure, and warm up! The following dates are set for teaser sessions:
August 1, 2019 - 6:00pm - 8:00pm
September 5, 2019 - 6:00pm - 8:00pm
October 3, 2019 - 6:00pm - 8:00pm
It's a Razer Backpack Bundle! We took a Razer Mercenary Backpack and stuffed it with various items that our team uses day to day for their jobs. (We bought new ones for you, don't worry!) The idea behind this prize is to be a gaming grab bag. Items inside are not disclosed until the winner chooses this prize!
The idea behind this prize is that StormCTF can't possibly accomodate a "needed" training for a winner. After all, this is anyones game! With this prize, ISSA will sponsor a security related training of your choice. The max value of this prize is $1000.00 USD. This is good for ONE (1) training course or certification. The requested training must be submitted to ISSA within 30 days of receiving this prize or it will be forfeited. ISSA and StormCTF reserve the right to deny any submitted training for any reason.
Terms and Conditions aside, this prize is to allow someone to register for OSCP if they need it, or PTX if they already have OSCP. Maybe you want to try 3 months of Hack the Box's Offshore or RastaLabs? Use this prize for that!
In addition to the above prizes, nTropic Security has developed KDisperse™, a new secure data storage platform ready for the market. They have worked with StormCTF to build an event long spot challenge. If you are successfully able to capture the flag within their application in the network, a $2000.00 award will be yours! Terms and Conditions apply. Click Here for more info on KDisperse.
Competitor must target the KDisperse application and/or the data sets it has already yielded, not the network infrastructure. All relevant flags are based on file data and whether or not a competitor can get a file ingested (ingress) in or extracted out (egress) via the KDisperse application. For example, sniffing the flag out of a packet capture does not constitute as a successful exploit. In the case of egress the competitor must provide a verifiable reconstructed data set (file) and reproducible Proof of Concept exploit to the creators of KDisperse. In the case of ingress a relevant set of meta-data must be presented to the KDisperse team along with a reproducible Proof of Concept exploit. The final decision of successful exploitation lies directly within the opinions and beliefs of the Founder of KDisperse. StormCTF, LLC holds no rights to this application, nor the prize money involved. Competitor must be 18 years or older to receive cash award, or have a parent, legal guardian, someone trusted and over the age of 18 to receive the prize on their behalf. This prize is only valid to be claimed ONCE. If multiple vulnerabilities are discovered, only one payment will be given, period. There can only be one winner.