Name: Golfing with Dragons: Building Secure Environments for CTF Competitions
Start: 2023-05-11T14:05:00-0400
End: 2023-05-11T14:35:00-0400

Back To Schedule

Golfing with Dragons: Building Secure Environments for CTF Competitions

Feedback form is now closed.

Capture-the-flag events remain one of the most popular ways to learn new skills in the information security field, but how do you securely deploy and monitor a competition that is designed to be hacked?

This talk will demonstrate how running CTF events are an exercise in applied DevSecOps practices. From threat modeling the attack surface to building hardened containers and monitoring resource utilization, we will cover how to approach running competitions that are meant to be hacked while maintaining the security of your core infrastructure and ensuring competitors enjoy the competition.

Speaker

Jared Stroud

Lead Security Engineer, The MITRE Corporation

Jared Stroud is a lead security engineer at the MITRE Corporation, focusing on tackling DevOps problems related to containers and Kubernetes. Additionally, Jared serves as an adjunct lecturer at the Rochester Institute of Technology, teaching courses related to computing security... Read More →

Daniel Szafran

Cybersecurity Engineer, The MITRE Corporation

Daniel Szafran is a Cybersecurity Engineer for the MITRE corporation. He has a master's degree in computing security from the Rochester Institute of Technology and specializes in automated deployment.

Thursday May 11, 2023 2:05pm - 2:35pm EDT
Virtual Virtual

Presentation

Host Organization Software Engineering Institute

DevSecOps Days Pittsburgh 2023

Jared Stroud

Daniel Szafran

Attendees (2)

DevSecOps Days Pittsburgh 2023

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Jared Stroud

Daniel Szafran

Attendees (2)