Hack Back; Let’s Learn Security With CTFs! - Lewis Denham

The presentation discusses the importance of sharing knowledge and resources in cybersecurity and DevOps, using a scenario involving a taxi company as an example.

• Sharing knowledge and resources is crucial in cybersecurity and DevOps
• The presentation uses a scenario involving a taxi company to illustrate this point
• The scenario includes various components such as RBAC, an S3 bucket, and an application to manage traffic lights
• Hints and clues should be given to participants to make events more enjoyable

The presenters discuss how they created a scenario involving a taxi company called FUBAR, where an employee was paid to give away their password. They used this scenario to demonstrate the importance of sharing knowledge and resources in cybersecurity and DevOps. They also emphasized the need to give participants hints and clues to make events more enjoyable.

Threat actors have always been looking to attack clusters. Do you have the right security in place to detect and defeat if they are targeting yours? Or they are already in? Kubernetes has become the de facto cloud operating system and production environments have increased in maturity. So have the threats. Security Teams don’t necessarily have the expertise to detect state-of-art attack scenarios specific to cloud-native environments, like Kubernetes. So, where do they get started? Capture-The-Flag (CTF) events are a great way to learn about the techniques of both attack (Red Team) and defence (Blue Team). This talk will give you a framework for your own internal CTF events, with Red and Blue Team assessments, as a best practice for improving security in your organisation. We'll give a hands-on, live walkthrough of the top 3 state-of-art attack scenarios as CTF exercises using common open source projects like Simulator and Tetragon. Remember, the best way to learn how to detect is to first know how to attack!