Dispelling myths of red/blue cyber competition through metrics

Presented at Kernelcon 2020 Virtual, March 27, 2020, 11:50 a.m. (20 minutes)

The DOE CyberForce Competition is an annual college event where student defenders compete against each other, defending their systems from red teams. The goal of this competition is to improve the technical skill sets of the students to prepare them for the workforce. However, just randomly throwing red and blue teams together and hoping that magic will happen is a recipe for disaster, and it’s hard to correct deep-seated wrong views about these cyber competitions. So this year, at the Albuquerque site, we developed a process and automated tooling to collect data during the competition to answer questions such as the average number of vulnerabilities patched before game start time, the ability for lateral movement without initial access, the detection rate of more advanced C2, etc. This data is really important for giving us insights into the competition so that we can improve it for the students. Hopefully, more competitions will start collecting these types of metrics so that we can improve the state of cyber education events.


Presenters:

  • Kandy Phan - Sandia
    Kandy is a cybersecurity researcher and red team lead.
