Incident Response Challenge
CERT Australia will host another Incident Response (IR) Challenge at BSides Canberra in 2017!
The challenge is an offline IR memory and network challenge in which participants (either individuals or teams) download the given PCAPs and memory dumps collected from a simulated incident and try to piece together the narrative of what has occurred.
Unlike a traditional CTF, there are no set flags in a given format to find. The winning submission as judged by the CERT will be the one that most completely covers the following:
- Explanation of the environment the incident took place in
- Most complete summary of the incident start to finish including technical detail to back up each step/event
- Recommendations or advice that could be provided to the affected fictitious organisation, both for remediation and for improving the overall security posture of their network
Check back on this space for more details closer to the event.