CTF Kickoff – Competition, Rules, etc.
In this video, a panel of cybersecurity experts, including Bryson from Perch Security and John Hammond from Huntress, discuss the intricacies and excitement of Capture the Flag (CTF) competitions. They delve into the variety of challenges participants will face, from forensic analysis to ethical hacking and reverse engineering, while providing insights on how these exercises sharpen real-world cybersecurity skills. With a focus on fostering community learning and engagement, they encourage both newcomers and seasoned professionals to join in, emphasizing the importance of collaboration and continuous learning in the cybersecurity field.<ul><li>The Cyber Trifecta event is a three-day Capture the Flag (CTF) competition featuring a mix of cybersecurity challenges across different domains such as forensics, exploitation, and reverse engineering.</li><li>Participants will engage in various tasks, including examining Windows logs, performing penetration tests, and reverse engineering, each designed to simulate real-world cybersecurity scenarios.</li><li>The event is organized by Perch Security, Huntress, and ID Agent, with a focus on learning and improving cybersecurity skills through practical, hands-on challenges.</li></ul>
Guests
Video Transcript
Be silent the whole time, but I'm, I'll see if I can talk her into it. All right. Well, we are live here. Welcome everybody to the cyber trifecta. I can't believe it is already here. I am joined with some of the best in the business and I'm really thrilled to have everybody, uh, not only join us, but share, um, some of the folks that are with us in the audience. 'cause we do things a little bit differently this time. Um, about four months ago we did what was called the Cyber Con.
We had a three day capture of the flag event there. Um, this time, you know, as Wes Spencer said, and he goes, I, you know, in his videos I'm a little biased. But, um, when you bring, uh, Huntress ID agent and perch together, I don't think there's any three better out there that could pull this off. So, we are really thrilled that you're all joining us. And let me just do a few quick intros because, um, we've got a ringer on stage with us. Uh, John Ham and John, thanks for joining us.
Newest, uh, uh, addition to the Hunters team. But, um, let me start off Bryson, 'cause you and the team here have collectively put together this three day competition. So if you could introduce yourself, I'll go around the horn and I'll set the stage and turn it over to you, Bryson. Okay. Um, sure. Yeah. So I'm Bryson. I'm from Perch Security, um, an analyst in our soc. And, uh, I was the mastermind behind the last CTF at V Cyber Con. Uh, but this time we decided to share the load a little bit.
So Huntress and ID agent worked together with us here at Perch to put together all of the challenges. So this isn't just what can we pull out a Bryson's brain, but we got a pool of people. Uh, we actually had a couple people at Perch, uh, besides myself, that, that, uh, helped along Ross from our stock. And then, uh, Paul Scott, who's the head of our research team, also did a little bit of work. Uh, and then, yeah, uh, Huntress and Id agent both, uh, put some time into it as well.
Hunters put, uh, quite a bit of time. I know Dave and John were, uh, other John, not, not that John on screen here, but I, they were out pretty late last night, uh, getting some data in and, and testing some things out. Uh, so, so we definitely appreciate all the work that they've done as well. So this, this should be pretty exciting. Um, should have a lot of fun and interesting challenges for people to, to participate in. Thanks. Thanks Bryson. Thanks for all your hard work, Dave, Dave Kay.
And I know your counterpart is off screen. John Farrell, who put in a bunch of work for this too. Welcome. Yeah, definitely, definitely shout out to John Farrell. We had a blast doing some of this stuff. I'm Dave, uh, last name's Kline Land. It's long and complicated, but Dave K works. Um, hanging out here, uh, uh, yeah, we put together a lot of the stuff on day one. Uh, myself, John Farrell, uh, I think there was even a little influence from John Hammond on some of those challenges there.
So I hope everyone has, uh, a lot of fun with that. And, uh, we're looking forward to it. It should be a good time. I had a excellent time as a, a hidden contestant on the first one where Bryson was the mastermind and, uh, we got roped into to putting some stuff together this time. So should be, should be a lot of fun. Alright, well Dave, welcome and again, John and the audience. Thank you so much Duncan. Wonderful to have you here. Duncan Miller from the, um, ID agent.
Team Duncan, please go ahead. Sure. Uh, hi everyone. Uh, as you said, I'm Duncan Miller, I'm a senior analyst for ID agent. Uh, had a lot of fun putting this together for y'all. Hopefully you guys enjoy it. Yeah. And thanks so much for all your time as well, Duncan. Really appreciate it. And then the baritone is here. John Hammond. John, you got a huge following. Thanks so much for your help at late in the game. Um, welcome please. Thanks. Yeah, hi, uh, I'm John Hammond.
It seems to be, uh, whatever was saying, I appreciate it. I'm really happy to be here. I'm just excited for all this, this whole thing. Hopefully I was able to squeak in some challenges and then capture the flag, but I'm just grateful to be here with you all. Awesome. Okay, so we got the intros over. So, um, Bryson, I'm gonna hand it over to you. The only thing I wanna chime in on is when we get to, what I think a lot of people want to know about is the prizes.
I do wanna say just a few things about that. I'm actually gonna look for Amit now that we can put six people on the screen. This is awesome. For those of you ever been on a crowd cast and you have four people and you can't show a PowerPoint or anything, and I'm getting yelled at in the background by Gary Peacock. I don't have to deal with that anymore. This is a wonderful, wonderful day, Dave. K thanks so much, Bryson.
I'll turn it over to you for in, in fact, Bryson, do you need your screen before I take up another one? Would that be helpful? Um, no, no, I'm good. Okay. Alright. So why don't you take it away, Bryson, talk to everybody about Perche, Bonna the rules Slack channel on and on and on. Okay. Your floor, sir. Sure. Well, this, this is a three-day event. Uh, we start tomorrow at 1130, uh, each day.
The challenges are gonna go from the, the kickoff meeting at 1130 for that day until, uh, that's Eastern time, by the way. All the times I'm gonna mention will be Eastern time. So 1130 Eastern tomorrow until 11 o'clock the following day. Uh, that gives me about 30 minutes to kinda, uh, save the scoreboard as it is and then reset it for the next day. Uh, all the challenges will still be up. Uh, so we're gonna have daily challenges.
So, so day one we're, we're gonna close down at 11, uh, and like as a cutoff for whoever wins day one. Uh, but you can continue if you didn't get everything. 'cause there will be an overall, uh, winner as well. And so if you don't get day one on day one, you may not win the day one prize, but if you win day two, day three, uh, if you haven't finished day one, you can still go back and get it. And that'll contribute to the overall score.
Uh, so, um, the, we, we, we actually put together a story for our, our challenges this time around. So starting with day one, uh, you get to play the part of a purchase security analyst, uh, unpaid Bone here analyst. Uh, we'll give you access to pera, which is the perch, uh, security platform where you can access all of the data that we've collected, uh, for this fake customer. Customer's called CTF.
So this customer, uh, last night was compromised by a bad actor that the purchase security, uh, research team has been tracking and that we've named the, the quirky Falcon. Uh, we like, we like to use bird names for our bad actors. So, quirky Falcon is the bad actor who has compromised the CTF organization. And, uh, you will log into, I'm gonna post a link here in chat. Uh, if you don't already have this, CTF dot perch security.
com, uh, if you're not already registered there, please go there and register. That's where you're gonna access all the challenges. That's where the scoreboard's gonna be. Um, everything that you're gonna need, all the info is gonna be there. Um, so you'll, you'll, you'll log in there, uh, you'll check out the challenges and it's going to show up, uh, if you've ever been in part of the CTF to use the CTFD. That's the platform that we're relying on.
Uh, and essentially looks something like a Jeopardy style board where you have a list of challenges, you click on them, uh, challenges listed with scores, you, you click on one of the challenges that'll pop up with a question. Uh, in this case it's gonna be, uh, for day one questions about the compromise. And you'll find the answers to those questions in perche bottom. Um, I think the, the Hunters team added a couple of extra little challenges.
There's, there's a, uh, exploit, uh, to run and there's a PowerShell script to sort of pick apart. Uh, so there's a couple other things in there as well, but all the other answers are gonna be in pera. So we'll, uh, we'll go over that a little bit more detail tomorrow, uh, when you actually will have access to it. So we'll, we'll give you a login. Um, one, one main rule as far as the login goes, we are using the same username and password for everyone in the competition.
Uh, it's, it, it helps us as far as performance goes. We're able to restrict users to a single index. Um, since, since we're having 200 new users log to per all of a sudden start using it above and beyond the normal daily, uh, usage count, uh, it's gonna help us sort of partition off some of that use from the daily, uh, the daily use by our normal users.
Uh, but because because everybody used to using the same username and login, um, you, you won't be able to change the password because you need to email address to do that. But, uh, please don't change anything else. Don't, don't anything up for anybody else. Uh, don't, don't try to enable MFA, don't try to change the password. Um, we, we, we can certainly fix that quickly on our end if that happens. But it's gonna screw things up for everybody else.
And, and if we do catch someone doing that, uh, that, that might end up getting you banned from the competition. So, uh, that, that kind of goes across the board for the competition. If, if you get access to something, don't try to shut it down. Don't try to do anything. Don't try password. Uh, we want this to be fun. Um, you don't have to spend all day going back and resetting things because somebody thought it would be funny to, to block everybody else out of the competition.
So, so please don't do that. Uh, if you do, then use a good chance, you might get banned. So day one, your PERA finding all the answers, uh, and then some of the answers that you'll find in that data will lead you to the day two challenges. So, um, day one is, is all forensics. In PERA day two, uh, you're gonna start hacking back. So you're gonna get some info about the quirky botnet.
And then two, it's your job to infiltrate his botnet, get him through that server and see what you can find, uh, figure out what he's doing, um, and just kind of, kind of figure out how the botnet works, how you can take over the botnet. And then from the info you'll find from that, that will lead to day three. Day three is gonna, the, the, the info you'll find in day two will lead you to the quirky falcons, uh, personal server.
And your job then is to just hack into that, get into the box, get it, get root, uh, in that, that environment. Um, and yeah, that's, so that's, that's how we're breaking out the challenges. Uh, we start with, you know, compromise Network, recon, and then, uh, hack back. So it should be a lot of fun. Um, do you wanna talk about the prizes for each days? Yeah, yeah, yeah. I did. I did. And is Amit there? Welcome Amit. Hey. Hi guys, how are you?
So, one of the things I'm gonna do is I'm gonna pop something in the poll. If you guys take a look at that, it'll make sense. I'll explain it in a second. But let me put something in the poll. You guys get to vote. Let me explain, uh, the last piece first regarding the poll and I'll work my way back into the prizes. Okay. So, because obviously, you know, it's a three day competition.
Tuesday, Wednesday, Thursday, Tuesday's winner's easy 'cause we meet Wednesday morning and kick things off Wednesday morning, you know, I'm sorry, Wednesday's winner's easy 'cause we meet Thursday morning to kick off the last day. But Thursday, Thursday's winner, the overall winner, um, is something that we wanted to figure out. How did you all want to, to meet up? Did you or did you not want to to meet up? So that pretty self-explanatory. That's why I put that poll out there for y'all.
We'll do whatever you guys want to do. It's up to you. If you don't vote, you, you may not get what you want, what you want. So, uh, that's out there. I'll let everybody kind of take care of that. Amit, um, wonderful to have you back with us. Um, I just thank you. Yeah, no, well welcome. And um, so you were wonderful in, uh, providing the prizes last time. The Cyber Phish team. Um, if you don't know about Cyber Phish, um, we are going to inundate you with it.
No, we're gonna tell you more about it tomorrow when we have time. 'cause we have a lot to cover today. We're gonna do a fireside chat shortly with Bryson and John Hammond. But, uh, uh, Amit, uh, before we get into the actual prizes, uh, just wanted to welcome you, say hello to everybody out here. Uh, we got a big event gonna kick off shortly. So the floor is yours for a minute, if you would. Yeah, sure. Hey, hey guys. I am excited to be here again.
Um, it's true that we meet every week on Cyber Call, and we've met few, few months ago in V Cyber Con. So since then we had a great success, uh, deploying MSPs. We deployed to hundreds and helping them, you know, cope with the phishing attacks and their clients and stuff like that. And we're, uh, thrilled that we have that opportunity now to, to assist again with these prizes for the MSPs that are doing two things. First of all, capturing the flag.
That's one second, we came with an idea that to to, to have another $500 for the MSP that deploys the most during the competition. I mean, you have the opportunity and we, we, we got great, uh, uh, great deal for you guys once you deploy cyber fish during these three days. So whoever doing that with the most users, I would say will get another $500.
So, um, excited to be here, as you said, uh, Andrew will elaborate tomorrow, but more specifically about what we're doing, how we're doing the, how we can use, how we can assist the MSPs and beside them. Beside that, I'm enjoying that. Seeing you again. Everything is great here. Yeah, Well, thank you for joining us. I know it's late where you are. And yeah, for the MSPs and MSPs that do know already about, uh, cyber Phish, for those of you that don't, it's something called visual detection.
It's patented technology that Amit and his team have done. They're gonna, we're gonna show a little more tomorrow where we don't have to rush through everything and we can be, uh, take our time and, you know, just give you a little insight into what they do. Um, as far as the prizes go, I think we got about 1500 on the line for the MSPs and MSPs. Um, I think it goes something to the two, don't hold me to, it's exactly, I promise I'll get it out to you.
But it's something like a cadence to Amit, right? Where we go to, uh, either 300, 3 53, 300, 3 54 55, Yeah, something like that. The overall, now, I did wanna say something to you out there as the overall arching audience. We have the awesome John Hammond here and with John Hammond's, 105,000 followers. When he posts something, he brings a bunch of people in here that you know, so, and we are welcome. We want you to compete, et cetera.
Just so you know, like the competition money was really for the Ms. P and MSPs, the channel that we're doing this for. That said, I talked to Ahmed about this this morning, and if you know you're awesome at CTF and, and you win and you're not part of anm, SP or MSSP, Amit's still gonna give you a hundred dollars gift card. Um, and so we want you to compete. So please stay in there with us. This is for everybody. It'll help the competitive spirit.
So, you know, please stay with their, with us as well. So, Amit, thanks for doing that also. Um, so yeah, so, um, Bryson, that's all I really wanted to talk about. Let's just take a quick, there's a question. Lemme just look at the polls. It looks like based on those who voted, uh, uh, Bryson, we'll meet back here on Friday. Okay? Um, we won't keep you guys long. I'll just create another like event, if you will.
And by the way, if you are like, Hey, I can't, and you're a vote, you voted as email, um, we'll give that money to Bryson and John to split if you want. Sorry. No, we'll, we'll let, we'll let you know either way via email and, um, you know, so, so don't, don't despair. Um, okay. So let me just see the question real quick here. See if, uh, why not both Jason? Yeah, I think your question, Jason, is why not Bo do both? Yeah, I think I just answered. I hope, Jason, if you could just say it in chat.
I think I answered you, uh, saying Yeah, we're gonna do both. Well, we will, we will still, uh, email anybody. I'm scrolling down here. I'm way down on chat, but Jason, if that's what you meant, just let me know. Um, so that's all I had Bryson on One, one last thing, don't, don't, uh, forget we deal with Slack channel. Yes. Um, if you're already in, in the, in the Slack channel, the, uh, there is an invite on the, uh, CTF site. So that's ctf security.com.
There's an, uh, invite link at the bottom of that, or I don't know if, have we, have we sent out an invite to Slack? I I haven't Just, uh, can you talk, talk me through it real quick. I'm gonna just put it as a call to action where anybody can click on it real quick here, Bryson, uh, oh. Uh, so if you could just read it and go off. So it would be an http, uh, Bryson, Uh, yeah, hold on.
I can, I can, or just Copy it, put it in chat, and then I'll throw, throw it as a call to action right into, uh, into here as well. So, John, while we're doing that, you were, so, what was it, what are you a finalist in John? Talk, talk to us about that. Don't be bashful. You're, you're a fi you, you were a, um, you're a finalist in something, right? Big. Yeah, no, it, it's tangential. So comp I will be bashful even though you're telling me not.
Uh, it was the, the AppSec Village over at Defcon. There was a, there was a competition to create a capture the flag challenge. Like the competition was not just the competition CTF itself, but designing and creating the challenges. Um, so I had submitted a few that I had written. Um, one was called Dumpster Diving and Trapped, and those were, those were winners in the miscellaneous category. So I was very, very pleased about that. Totally Tangent. No, that's very cool.
So Kyle, uh, in, in the audio from a hunter's CEO, we'll see if we can get him up here momentarily. Um, in fact, Dave, is it okay if I switch you up with Kyle real quick? Yeah, that works great. Okay. No arguments with the CEO coming on for you. No, He can preempt me. It's fine. All right, hold on. Alright. Uh, All right. We'll get Kyle up here. Alright, so Bryson, so we got, we talked about, you know, the, the competition. We, we got prize out of the way. We've got s support, uh, via Slack.
I put it in as a call to action. You'll see it right below. It's a little green thing there. It's says Slack channel. Anything else you can think of, uh, that we may have missed or we want to talk about? Um, I, I do just want to point out, um, that the, the, uh, infrastructure for the ctf, so like the C TF D site that is out of scope. And again, we might, uh, swing the band hammer if you, if you try to break that site.
Um, any hacking of the Slack channel, uh, any attempts on, on PERA or anything like that, you know, those, those are, those, all those things are outta scope. So, um, don't, uh, don't, don't, don't try to hack those things. You, you will be given some targets to attempt to hack into, uh, but unless you're told otherwise, assume it's out of scope. Um, we did have someone try, uh, a cross site scripting, uh, post to the registration form today. So, um, it, it did not succeed.
You know, we are doing proper, uh, input validation. So, so it failed. But, uh, we did find this interesting, uh, Salesforce contact that was, uh, a cross site scripting, uh, thing. So, um, just, just keep that in mind. Okay. Hey, so there's a question, but I first wanted to welcome CEO of Huntress to the screen. Uh, Kyle lov, how are you? Kyle? Welcome. Hey Guys, I'm doing good.
Amit, I couldn't, uh, couldn't help, but here, obviously it sounded like they were, uh, the CTF players of the world trying to take you out for some prize money. So I figured if, uh, you need it, we'll happily cover some of that. Um, I sadly was just watching in the audience, so I didn't mean to come kidnap No, I'm glad you're here. What do you think? We got six windows. Now we don't have to do all this cyber call. You go here, I'm gonna bring you up here. I mean, this is huge.
So I was, uh, I was laughing when somebody said, Hey, is there, does it really only support six at a time? And I was like, wait, wait. That's, that's like a 50% increase. Yeah, It's huge. It's a big increase. So, um, okay, so there was a question just real quick. Like someone saying, Hey, I'm, I'm in this session. What's this about? So, fair question, because obviously this is a kind of a two part event.
And what I mean by that is, um, each day, starting tomorrow at one o'clock, uh, we're not gonna inundate you with so many, like, so many of these, you know, I, I, we get that there. Since Covid started, there have been more virtual sessions than we could, and I get it, everybody's burned.
So what we decided to do with this is, you know, we would do one session a day, um, one hour on, you know, business enablement type things, and John's gonna be doing something on Wednesday, hiding in plain sight. So, so just really a pithy type of content event. What this is, is this is the kickoff to the actual capture the flag competition. Now, what we're about to go into is, there's a lot of people that are wondering, you know, what is a comp cap?
You know, certainly there's a, I'm not, don't mean to be condescending or, or silly, the most of you here that are in the competition, but there's a group of MSPs and out there that don't understand or have never competed. So if that's you, great, you know, stay with us or, or what have you. I'm sure you'll learn something anyway, but John and Bryson are gonna do a fireside chat about what are, you know, what, what, what are CTFs?
How do they, how do you translate 'em into your business if you're an MSP or MSSP, that's never done ethical hacking or red team and those type of things. So that's the intent of the next piece. I hope that answered your question. Um, who, who was asking that? Absolutely. Okay. Um, so do, so Bryce and I, before we kind of transition to the next step, anything else that, uh, I think the big takeaway is, hey, we know you guys can hack.
Just, just please do us a favor for the grander good of the event and stay within the guidelines so that we're not just resetting stuff and slowing the con. Is that a Go ahead, Bryon. Yeah. Yeah, that's that. Like you said, just don't, uh, don't block other people. Don't try to prevent other people from having fun as well. Um, you know, we, we still have a higher level access than, than you do. Um, we can still go in and reset things, you know, reset images and all that.
So if you break anything, all it's gonna do is make more work for, for me. And then the other parts of the, uh, perch team or, or interest or ID agent or, you know, whichever part of it. And, uh, just kind of slow things down. So, sure. Uh, just, just keep things fun. Sure. There are never fun. Tomorrow, tomorrow we'll go in a little bit more into pera. Um, we do have a, like a quick start guide on how to use PERA's. Never used it.
Um, if, if you want to take some time to, to prep, uh, I will just say that, uh, PERA is built on the Elastic stack. Uh, you're gonna be using Kibana to, to do all the queries. So if you've never done anything with Kibana, you can just start some Googling now. Um, RTFM learn, learn about Kibana and how to search for stuff in Kibana. Discover primarily is, is what you're gonna be looking for.
Um, also, uh, anything you might want to learn or know about Windows logs and PowerShell, uh, will definitely help with, uh, tomorrow's challenges. So those are some things you can, you can start, start your Googling, start some researching, start to, to think about how that might work, and then, uh, we will give you a little bit more, uh, like tips and tricks and how to find stuff in pervan tomorrow. Okay. Yeah, it's just, it's your inti the purchase instance of Kibana, correct.
Is just renaming Kibana, if you will. Fair, Yeah. Yeah. I mean, there's, there's a little bit more into it, but essentially yeah, it's, it's just that purchase elastic stack. Yeah. Right. Yeah. Obviously you guys have put some flare around it and some things that make it special. Yeah. There, there's, there's more to the platform than that again, right? That's what it's all built on. Very true. Um, yeah, John, you nailed it out there.
The question of, hey, if, if you find something bugs challenge, you know, anything that you know is, is off or you need help, just go right to the Slack channel. Um, so that would be the best. Yeah. And you know, it, it could happen. There was one challenge last time where, uh, there was, there was an image that, uh, got compressed and it kind of screwed up.
The Stego, uh, had to go back and reset that mid challenge after everybody spent half the day kind of banging their heads against it, why isn't this working? Um, I, I checked it out myself. I'm like, oh, it doesn't work. So, uh, if, if you see any issue, let us know. We'll check into it and let you know if, oh, yeah, we, we messed up, or you just need to try harder. Yeah.
So the, one of the questions, um, came in Bryson, John, what will be the difficulties of like, you know, difficulty of the challenge? Is there any cyber SEC experience required? Um, so, so day one is, is, uh, it just kind of depends on, uh, it's, it's not gonna be terribly hard, but it depends on, you know, your experience with Windows, windows logs, um, and, and Kibana, any of that will certainly help. People who've used PERA before are definitely going to have an advantage.
You get through it quickly. Uh, it's not a terribly hard platform. The, the query language is pretty simple, uh, to use. But finding those right logs, uh, you, you've gotta, you know, have an understanding of how Windows logs work. Um, so I, I will provide some links tomorrow that can help if you don't have much experience with that. Uh, but, but there's nothing complicated or terribly complicated as far as like the hacking side of it goes.
Um, the, the, the next couple days challenges, um, we, we'll range a bit. Um, you will need to understand a little bit of, of programming and scripting. Um, you, you know, you, you will need to know a little bit about how, uh, pen testing works, you know, how to do some recon, how to look for vulnerabilities and misconfigurations. Um, and, and, uh, there's most of the challenges on day two and three are pretty, pretty much all the day challenges on day two and three are built in Linux.
So you're gonna need some Linux experience. You're gonna be getting into Linux systems. Um, and, and if you're completely lost in the Linux command line, you are gonna be lost. Um, but that's, yeah, that, that's, uh, pretty, pretty normal I think for a lot of these types of challenges. Um, so the, the final day should be the hardest, uh, that, that's where we're getting into a lot of custom code and less, uh, common vulnerabilities.
So, you know, some, some of the early stuff you may be able to identify some software running and find a common vulnerability for it. Look at those CBEs and, and find published exploits. Uh, when we get into some stuff on the final day, for sure. Um, you're, you're not gonna have that prebuilt proof of concept codes available. You're, you're gonna have to like really look into the clues and then there are lots of clues that are provided along the way.
Um, so if you miss something on day one or you miss something on day two, you know, you, you may get lost on on the next day. Uh, there's, there's definitely, and, and you will have, you'll be able to buy hints, you'll be able to spin points or hints, but there's, there's particularly some info on day one. If you don't find it, you won't even know where to go for day two. Uh, and, and the same thing for day three.
There's some stuff that you'll find in day two, um, that if you can't find it, you won't know where to go for day three. Now, we'll, we'll provide some way for you to get that by spending points. Um, so, so you'll be a little bit behind as far as your score goes. Uh, so you should, you can get it that way, but all, all the data should be there. You should be able to find it. You just gotta look for it. Cool.
So we have, um, and, and I appreciate Duncan, what you're, you know, the comments in there, you know, Duncan couldn't have said it better, like, join us, you know, like the worst case you figure out, you know, kind of where your limits are and you know, the next time you know John, uh, Hammond, wouldn't you say that's, you know, start figure out where you're at and it'll give you a reference point on, on where you are.
Well, we've got a pretty good wide range of things you'll need to do with this. So it'd be a good, good way to mark areas that you maybe need a little bit more experience with so you can learn and grow in those areas. Yeah, really good, really good points. Really good points. Okay. Um, and the, one of the questions is, where do beginners start to prepare for CPFs? I'm glad you asked that question. 'cause that's literally the next part of this whole meeting.
Uh, when John and Bryson are one of the things they're gonna be talking about. Can you still access day one content on day two, day two on day three, Bryson? So basically, hey, this competition this day, day one ended, it's day two. Can I go back? Oh yeah. The, the other challenges will still be up. Um, we're going to cut the score off at, like I said, which we're gonna cut off the scoring for, for that day as far as, you know, the day one winner. Uh, but there will be an overall winner.
So if, um, if you don't get all of the challenges on day one before we cut it off, you can still go back, get those, and those will contribute to your overall score when we figure out the overall winner. So we're not actually shutting anything down, um, until, you know, Friday at 11 when the whole thing's finished. Uh, but as far as scoring goes for day one, day two, uh, those are gonna end the, the, the scoring for that day's, prizes or what ends at 11, everything's still gonna be up.
So, hey, uh, just, just real quick, we'll come back to q and a. Kyle, I know you gotta bounce. Uh, you were gonna, I think share something before you head out and I'll see you shortly again, but go ahead, Kyle. Yeah, I just wanna encourage everybody, like CTFs are where I cut my teeth. Um, you know, it's, it's where I learned a lot of my skills. It'll accelerate you and it's okay to suck.
I can tell you, you know, it's similar to that Michael Jordan quote about how many, uh, shots he's missed, right? And the only reason that people celebrate all that he made was because all that he missed in the process. So just encourage, if you have somebody out there that you know might know something about it, give 'em a hollerer, invite them onto a team, not a part of a team.
We saw it during the last, uh, you know, v Cyber Con event where a lot of these teams were getting set up within the Slack channels. For people that don't know, so please, like, use and abuse. The whole theme here is learning. Um, and for those that are more senior, take this as an opportunity that when you're done solving a challenge, write up some posts, post it on your medium block, tag us in some social media so others after the event can actually learn how you solved it.
So that was all my biggest thing, just kind of a community hurrah behind all this. So, huge. Thanks Andrew for bringing me on up, brother. Yeah, awesome seeing you. Thanks. Yeah. Alright, um, so lemme just go back to the few more questions and then we'll jump in on your side. So yes, Nicholas, definitely the session all, um, it was the, the question is, was the recession recorded? Um, just so you guys know, when you're looking at Crowdcast, Crowdcast automatically records everything.
So in the upper left you'll see like, this is session, you should see, uh, 'cause obviously I'm the moderator host. Do you guys see, like, let's just ask John Hammond or Jason or whoever, I'm sorry, or, or Bryson, do you see like sec schedule, uh, session one of seven up there? Yeah. Okay. So what'll happen guys, is when this session's done, um, I'll complete that session. It'll have everything recorded, and then I'll bring everybody into the next session.
And that's literally how the kind of the rolling of, of Crowdcast works. But everything is in that, I'm kind of pointing to my upper left in the screen. Um, that's how Crowdcast works. You can always go back to something. So, um, let's see. Sean, yeah, we talked about your question, Sean. Um, dinners, we talked about that. Um, what the session's all about. Writeups just wanted to know after the CTF we'll be getting writeups and walk, uh, the walkthrough to it.
Bryson, Um, I, I did not come through last time. Um, I'm not gonna make any promises. We've had several people in the community mention that they're, they're planning on like, reporting what they're doing and how they're going through it. Um, I, I will, uh, I, I, I'll, I'll try to get some stuff together, but yeah, we don't, we don't have, uh, anything specific plan. So, so once this is over, um, you know, it's back to, to work and doing analyst work, um, and, and an next.
And, um, so that, that takes up a lot of time. So I don't know how much time I'll have for, for the writeup after the fact, but, uh, I, I think we do have a team here, so there's a good chance, we'll, we'll get a lot of, uh, um, we have a number of people who probably contribute to that. So what, we'll do what we can, and we'll, we'll make sure to share with you guys what we have and then, uh, keep an eye on the Slack channel. The Slack channel from V Cyberon is still, it's still up.
And that's, that's what we're using again this time. So people were, uh, still, uh, involved in that. Even, you know, even up to now, it's, it's still been, uh, a little bit active. There's been people in there. So as if you wanna do a writeup as you do things that would be greatly appreciated, you know, we can definitely share that. I'm more than happy to offload that to anyone else who wants to, uh, to help. Great. We'll, we'll do what we can.
Yeah, and Jason, uh, Segel, who's awesome is, uh, you know, he's gonna help out, uh, Bryson as well. So thanks so much, Jason for doing that. Um, okay, so let's turn it over. Let's transition, if you know, I'll keep an eye by the way, on, on questions. Let's transition to the fireside chat, John and, and, and Bryson on what you guys wanted to talk about. Um, and, and again, so setting the stage here, there's, you know, some people that have never competed or, or newer or let's getting started.
Um, and that's the intent of this, to bring down the intimidation a little bit. So, you know, for people that, you know, have been doing this for many, many years and, you know, have, you know, some expertise at it to say the least. Um, John, thanks for, uh, doing this with, and Bryson, thanks for doing this. So I'll let you guys take it away. Cool, thanks. Yeah, I appreciate kind of the toss over. Um, I'm excited to be doing this.
I'm really thankful and just grateful to kind of be here with you guys, especially Bryson. Thanks for willing to chat and willing to talk about it. I think I'm most excited to kind of pick your brain and get some of the insights behind the development behind creating this CTF in particular. But I do want to like lay the foundation, right?
'cause we keep saying CTF and we keep saying capture the flag and we keep throwing those words around, but I wanna make sure everyone actually knows like, what that is and what is A CTF. So we can drill down on more of the terms. But I just wanna say outright and hopefully just to clear the air in the chat, like, this is for fun. The, the capture the flag is a game in a weird way, right?
It's a sport in a weird way, or it's, it's a, it's a computer security and cyber cybersecurity competition or like an activity or an exercise just to train you and to make you better and to improve cybersecurity skills. Um, and there's no shame in being new at that. Just it's, we don't want it to be that scary intimidating thing. Like, oh, what is the CTF? We're, we're just here to have fun.
And the whole point about putting a scoreboard and a leaderboard on there is so you have a little bit more motivation and encouragement to participate because hey, if you're solving challenges, if you're looking at different tasks and answering different questions, and you take a look on the scoreboard and you see someone that's just maybe five points ahead of you, or whatever the case may be, you say, Hey, I know, I know, I know I can overtake that someone, and you'll solve something else.
You'll keep playing the game. And that's fun. The whole point is to learn. So I, I always kind of think there are a couple different slivers or like flavors or different, I don't know, shapes the, the capture the flag competition might take, right? It, it could be a Jeopardy style game or an attack defense kind of game. Uh, I, I hear like a boot to root style competition or a Hack Quest competition.
Bryson, if I can kind of just, I, I don't know, kind of see what you think, what would you classify this CTF to be this cyber trifecta event? What, what category would you call this? Um, it is, so, so we're, we're definitely doing a bit like Jeopardy style, um, especially for day one, you know, because it, it is basically a little bit of info and a question, and then you've gotta go find the data in pera. Um, when we get to day two and three, it's a little more open.
Um, you, you essentially get a host and you've just got to do all the things and hack in and, and you'll just, and, and, and in these, in these cases, you'll, uh, it's, it's less of a, uh, go find this info as you'll, as you are exploring the host, you'll find something and then that will just be a, a key or string that you'll figure out where that goes on the board. Um, so that, that probably a little bit more, uh, you know, group to style, uh, I guess you could say. I think that's super cool.
'cause it sounds like you have almost a different element of each of those different categories, like, like those classifications all bundled together across the days. And I think that's really cool 'cause sure, you're using CTFD, I remember you saying infrastructure wise. So it, it has a jeopardy style feel to it. But like you said, okay, you're also doing, like, I feel like blue team stuff when you're going through those Windows logs and you're looking at PowerShell entries, et cetera.
And then the next day you go switch to some red team stuff where you're doing penetration testing, you're doing ethical hacking. And like, I would kind of put more of those in the boot to root and hat Quest style camps. So it's really cool. It's like you've got a good mix of, of all of it, right? Yeah. I, I, I see Jeopardy as kind of one of the big ones, commonly the most common, right? And they call it Jeopardy. For those that might not know, they just aren't familiar.
Just again, trying to, in case in case people need context, it's called Jeopardy. 'cause they're like different categories of tasks that you could be doing. I, I parallel it to like, it's weird. IIII say it's like the Olympics where there's a game specific to okay, track and field or whatever, a game and style, an event or sport that you might be doing.
There's a category in the world that captures the flag for like binary exploitation or cryptography or sta innography or Windows host forensics or network forensics, whatever the case may be. What, where do we kinda lean most in this game, Bryson? Is that forensics? Is that Stego, is that, Uh, we actually try to again, include as much of that as we can. So, so I mean, we're, so you're starting off with forensics for, for sure.
Um, you know, digging through, digging through the logs, but then you're going to be doing some, um, some exploiting. There's some web exploits, there's some binary exploits, there is some stago hidden, there's some pastoral cracking. Uh, all, all of those things together. Um, uh, even even some of the stuff. So I, I know Huntress added a couple of extra challenges last night, uh, that there's a, uh, uh, some kind of binary exploit. I haven't, I haven't checked it out yet.
I just saw it on the board this morning. Um, so I'm gonna have to check that one out. We do have some reverse engineering and, uh, so some of those aren't quite, don't exactly fit in with the, uh, storyline that we put together, but they're just kind of some extra challenges that you'll find along the way. So like, especially on day two, uh, as you explore the system, you're, you're gonna find a couple of files called cracking one and cracking two.
So, uh, there's just some reverse engineering, uh, for those of you who don't, who aren't familiar with what a cracking is. It's just a small little program that takes a password. Um, and the idea is that you're going to reverse engineer that program and figure out what the password is. Uh, so, so that's, um, that's a couple things you'll find along the way. You'll feel, try to be careful of what I, what I say so I don't reveal too much. You don't want any inside baseball right?
Secrets before the game. Uh, there is some web exploitation on on day two, uh, when you get to find that second, uh, server that there's a webpage, uh, on a website that you can, you know, hack into and hopefully from there be able to get a shell and get root access. Um, part of the, the exploiter that, the hack that occurred last night on this fake organization, there was a pearl IRC bot as part of a botnet. Um, so, uh, you're gonna need to know, you know, a little bit about how IRC works.
Um, 'cause because you, you'll be expected to actually try to pick apart that, that pearl script. Um, so have fun reading pearl. That's always a lot of fun. Um, pick that apart, see how that works, log into the botnet and, and see what happens. Um, see if you can get the bots to respond to you as if you are the bot admin. Um, see if you can figure out, uh, uh, what the commands are. Um, see if you can figure out what the bot admin is actually doing.
So, so there, the bot admin's gonna be logging in periodically and doing some stuff. And so, uh, you have to see if you can figure out what mean, and that's gonna lead you to some other clues and some other things, uh, that, that have some additional challenges. And then, then definitely on, on the, the last day, there's, um, getting into that, that private box. That's, that's very much gonna be like a, a week to week kind of, um, challenge.
Where, and, and this is, this is something where Ross from, from our stock, he put a lot of time into this. Yeah, he wrote a lot of custom code. Uh, so getting into that last box, you're not going to have, um, a published export. This is something that he wrote with certain exploits in mind. Uh, so you're gonna do some recon, uh, find what courts are open and, and then figure out what this thing is and how do you export it.
Um, and, and then even there, you're just gonna get in as a, a limited user and you're gonna have to figure out how to get yourself all the way up to lead as well. Um, so there's, there's, there's a wide range of challenges. We try to throw in a little bit of everything. That's awesome. Even a little bit of a, a network forensics, you know, that there will be a, um, if you find it, there will be a packet capture with just a little bit of info on it as well. Nice.
So it sounds like they're just a little bit of Easter eggs or like breadcrumbs that could help even further along in the story, kind of scattered throughout some of those other ad hoc challenges. Right, right. That's super cool. That is super cool. I definitely like, I see the hat quest portion of it too, and the boot to root because there is a story that makes me feel very hat quest like. And obviously the red team blue team stuff that, that's, this is gonna be awesome. I'm very excited.
'cause I haven't seen all this. I think I snuck in one challenge, but I haven't seen this whole orchestration. Can I ask what you guys came up with the storyline for? Or how did this come to mind? Or who was the kind of creative genius behind that? Um, so, so the, the storyline was from the US in the, uh, our, the purchase soc. Um, you know, since none of us have been to the office since March, at least in the soc, uh, we have a, a Zoom channel. We just hang out.
And so we were just talking about it. Uh, and, and actually it was partly inspired by the head of our research team, Paul Scott. So, um, last fall, uh, Paul and I went to visit the Tampa office. And while we were there, we, uh, so, so, so with PERA we're collecting all this data from all of our customers, and we see, uh, all these people trying to, to hack our customers. We see, uh, a lot of IOTs trying to spread.
Uh, we see them trying to, uh, make use of an exploit to get something to download. And some of the things that they attempt are, are trying to get to, to be downloaded and run are some pearl, iris and bots. Uh, we've actually collect been collecting them. And, and so, um, Paul has, uh, has been, has sort of infiltrated some of these and has been watching what some of these, uh, uh, botnets are doing. We're kind of keeping an eye on them.
Like, like we, uh, and he, he did a presentation about this last, last fall for, uh, our users. We have a regular MSP users meeting for all of the MSPs who are our perch customers. And he did, he did a demo of this logged into to the botnet and just kind of like show what it was doing. Um, and, and we, we actually were able to witness, uh, the, one of the botnet admins log into the, uh, the, the botnet and was like staging a, a phishing attack.
So he was sending commands to all the bots to, to download these files. And the files were, you know, emails. Uh, and, and then they were specifically related to, uh, some sort of fees for, uh, uh, some, some channel related to the BBC network. And, you know, we were able to contact like BBC and say, Hey, this, this phishing attack is about to hit. Uh, so that, that's kind of what I think inspired us was that that work that Paul had done, uh, we saw that happening.
Uh, you know, we, we can, we've got all this info. We kind of saw how that's done. We, we can duplicate that and, and it would make us make a fun challenge That like, that that is so crazy to me because that's obviously like that, that's real stuff, right? Like that was a real world experience. Is that Right? Yeah, I mean, yeah. The, the, the pro bot, you're gonna see that's, that's one, that's it, it's a real bot. We, we've tried to grip it a little little bit.
Um, so, so you're not actually gonna be able to like launch a DDoS from it. Uh, but um, but yeah, most, most of the code is like actual code that was used by real threat actors that are part of a real botnet. Sweet. That's crazy.
Like, I, I always think that that's the biggest tie in that you gotta have with, when you talk about capture the flag and you talk about some of these activities and exercises and trainings that you do, because a lot of times people, I feel like you could say, oh, it's, it's just a game. It's, it's not realistic, it's not applicable to real world.
Um, but I always kind of bite back and say like, no, this it is exactly supposed to be training you and, and sharpening your teeth and getting you stronger, like sharpening that sword for the real world stuff. Like there could be potential for you to find something that would at least get you thinking or move you line along the line of thought to whatever, track down a, a new CVE or a zero day.
Who knows that could get that far, but, and just to practice and expose yourself to new technologies and experience like new things. So Yeah. Yeah, it's been been a lot of fun. I, I love, uh, I just noticed Jason's comment in the chat that, uh, pearls are right only language, so That's awesome. What was kind of your, uh, if I may ask again, peeking into the developer side, what was kind of your tool of choice if you were putting together some of these? What language are you typically in?
Oh, um, I, I do most of my stuff in Python. Uh, nice. I, I, I do, uh, some of the, some of the work we do in, in the soc. Um, actually I work closely with the, our research team as well. Uh, we do some like malware analysis and stuff. Um, we, we working on our own sandbox, it's based on cuckoo, which is all written in Python. Oh, wow. And, and then we've got some bots that do do some stuff with that as well that we've all written in Python.
So that's, that's where I spend most of my time in Python. The only thing that bugs me about Cuckoo is it's still, uh, Python 2.7. Um, yeah, Python two is dead and gone. Yeah. Yeah. They need, they need to get it updated, but uh, it takes a little bit to switch gears sometimes.
'cause all of our stuff is, is of course up to date and using Python for, Yeah, Python is certainly my, I guess, weapon of choice is kinda what I say, or like the language that I'll reach for whenever I need or want to get something done. And I typically advocate that to others even that ask like, Hey, can I, I want to get better at capture the flag. I wanna get better. I even wanna do bug bounty or penetration testing or some of this stuff.
Um, even if they're new to programming, I always just tend to point them towards Python. 'cause I feel like that's really, really user friendly. Like, it's easy to read, it's easy to write, and you can do so much with it because the support in the libraries and the modules and everything you can kind of pull into your code is, is great. It can do so much stuff. Yeah. I, I, python's great and, and it's really popular in the, in the cybersecurity world.
And so there are a lot of projects out there that you can find and build on that are already in Python. Lot of libraries that are, are helpful. Um, so you don't always have to build everything from scratch as well See some of the comments talking about the FST strings and Python three talking about pone tools and pone lib. Excellent. Yeah. Yeah.
If you guys, anyone that's listening that is still interested and new to this, uh, pick up Python, that is definitely a takeaway that, that I would want to, hopefully we can extend. Cool. What made you, uh, go for CTFD for hosting? If I can ask? I, You know, I've, I've done several of these now over the years, and I don't remember why I started with that. It's just, it's what I, the first one I put together years ago. Mm-Hmm. Uh, that's, that's what I ended up finding.
And I, I think I was just looking around for a platform built for CTS for keeping score. And that's, that's what I found. Uh, it let me long enough now, I don't remember if I looked at anything else or what else I might've looked at. Um, Let me, let me clarify that for some of the others that, again, might not be used to these acronyms that were thrown around 'cause CTF or the capital flag is the competition in the event, in the game.
But when we add that other letter, just that, that d at the very end we're talking about, uh, CTFD, which is an open source platform and framework, and it's it's the website that you log into when you go to that, uh, ctf do purchase security, right? The URL that we're going to and, and CTF purchase security com. Yeah. That website that you're going to, the CTF is being hosted and put together with CTF D and that's written in Python once again. Another, another thumbs up. So, very cool. Sweet.
Is there anything else that you would kind of like to tune in or advocate or, or share with some others that might be new before I, I, I'd love to share some, like links and resources, if that's totally okay with you. Yeah, go for it. Um, I, uh, as, as we go through each stage, challenges that there'll be a new webpage or a new page that shows up on the CTF site. Uh, there will be some, some useful info and links on each of those pages as well that are related to that, these challenge.
Um, but yeah, any anything else you have to add or, or things you wanna share, go for it. Yeah, it is crazy cool to me because you guys have included and and packaged so much into, into this between all the three different days because you've got a little bit of PowerShell, you got a little bit of Windows, you even got some Linux stuff in there between Red Team and Blue Team the first day.
So, uh, the penetration testing stuff, I always point people that are new that want to get into the scene to stuff like try hack me.com or hack the Box. Those are incredible. More games and more games is the word you'll, you'll often hear because they are trained and specific virtual environments meant to be for your own experimentation and for education and for learning.
There, there's no risk in you throwing exploits or throwing attacks at 'em and, and just learning and trying to get a better understanding of these tools and stuff that you can do. So try hack me and hack the box. I'll share some of those links, but that's specifically for red team stuff. If you are interested in the Blue Team side of the house, there's plenty of other things.
Windows, logs, PowerShell, everything, uh, under the Wire Tech showcases some good PowerShell techniques and Over the Wire showcases some other Linux side of that. And obviously for Capture the flag, there's CTF time.org, which always showcases a running game. And Pico CTF is what I really advocate for beginners. I'll, I'll dump some of those links in the chat if you guys are comfortable with that.
But hey, if, if you're new to the scene, I always tend to point people towards Pico and some of those learning resources. They're all great. Yeah, no problem. This has been great guys. Thank you so much. Um, I learned a ton Duncan. Uh, any thoughts? Don't mean to put you on the spot 'cause I know these guys were in the CTF, but any, any closing thoughts from you as we start to wrap up the day and Not really. No. Okay. No, no worries.
And, and John, are there any things that, um, you know, people can, you know, on your YouTube site that can, people can get, you know, like to learn more as well? You have a lot of stuff out there, so, uh, are there, are there some things that people can learn? Yeah. Come by there. I I don't mean to be a Shell and a shell out.
No, I'm, So, Lemme be clear, I'm, I'm the one because I've been to your site and it's so, you know, it's got so much stuff, so if it can help people, I, I it's not being a shell. I'm, I'm the one saying it, you know. Yeah. Uh, I have a, I have a cheesy, silly YouTube channel that's just my name, uh, where I like to showcase some capture the flag, like video write-ups and programming tutorials and some and stuff.
Some of it is a little old and a little dated, but some of the recent stuff might be handy. And there are, there are walkthroughs in Write-ups for some of those learning resources that I just mentioned between pgo, CTF, between Hack the Box, tri Hack Me and Over the Wire, et cetera, et cetera. Um, hopefully those could be helpful. Uh, I also have a GitHub repository that might include some nice tools or just a checklist and things that could help you for capture the flag. Right.
There is a lot you could find and work with if you're, if you're kind of interested. But I hope I can be a friend and be a resource to you. So please don't hesitate to reach out. I hope you enjoyed kind of our casual conversation fireside chat about some of the, the capture the flag stuff going on. It was, it was fantastic. I really appreciate both of you guys. Um, there was just a few final questions if I could and then we'll close up for today.
So, um, for those of, um, hey, rude, um, good to see you. Um, so, uh, for those of you again in the competition, which is most of you on this, so we'll be back here tomorrow at 1130. We'll kick we'll, we'll lay it, you know, just get, make sure everybody's good to go with the competition. For day one, we'll have, um, give a few minutes to Amme from Cyber Fish, um, who's, um, you know, laying out a fair amount of cash for everybody to, uh, compete.
So, uh, you know, um, and they got, they're just great. They, they're, they've got some very, very cool technology. So I really wanna share that with everybody. So, um, quick question here is, um, will we be able to still compete, you know, for some of that's really busy, right? And will they be able to still compete, um, in the CTF even after the event's open? And I hope you're still here if you ask that question.
Um, no, I, I think when it's over we're gonna end up shutting, uh, kinda shutting things down. So, uh, you've got till 11 o'clock Friday morning Eastern time. Uh, but, but at that point we're, we're gonna be shutting things down. Okay. And question was, did the person said, I, this may be completely off topic, but will these CTS have to deal with quantum computing? That was, no. No. Okay.
So those are all the questions that have been, you know, brought up and, um, uh, so Dave k who's probably still out in the audience and, and, and, and, uh, John Farrell from Huntress. Um, thank you so much, uh, for, uh, Duncan Miller, thank you for ID agents participation and all your hard work John. Uh, wonderful. I know you'll be back here hopefully tomorrow, but definitely you'll be presenting on Wednesday at 1:00 PM So, um, and then last but not least, Mr.
Bryson and the perk soc, uh, I, you guys have put a ton of effort into this, so kudos to you guys. Thank you so much. Oh, hey Andrew, just, just one thing. I don't know if I said this, but um, Duncan did put in some of the work on day three, so some of the challenges and the infrastructure, um, he, he uh, he spun some of that up initially and, and got, uh, um, some of that set up.
So I don't know if we, we mentioned that uh, he was involved in, in getting someone to set up for what party he had done, but it, it wasn't so, You know who to blame. It Was Exactly. Gotta make sure the blame, right. Uh, but yeah, it was a group effort from, from all Pinterest perch and, and, uh, ID, Yeah, totally, totally, totally. Thank you Duncan. Um, so alright, so let me wrap up today. So again, same place that we'll meet every day. Um, I'll close this one out.
Yes, that's recorded upper left. We will see, we'll be moving to session two of seven and we'll look forward to seeing y'all tomorrow and it's gonna be awesome event. Thanks everybody. Thanks guys. Bye. Bye.
Related Videos

Right of Boom 2025 – Steve Rivera – Logically
Right of Boom 2025 – Steve Rivera – Logically

Right of Boom 2025 – Calvin Engen – F12.net
Why Vendors and MSPs Prioritize Right of Boom – Hear why Right of Boom attracts the most security-focused MSPs—and how it creates unique value for vendors and partners.

Right of Boom 2025 – Bill McLaughin – Thrive
Right of Boom continues to raise the bar as a cybersecurity conference built for MSPs. With attendance surging from a few hundred to over 1,300, the event delivers more than just technology—it’s a ...