Everyone Can Play! Building Great CTFs To Teach Non-Security Folks
Most security practitioners are aware of the learning and fun that comes from participating in Capture the Flag competitions. Racing against other teams, solving brain-twisting challenges and seeing new ways to compromise systems teaches and entertains.
CTFs are also a great tool to give non-security folks a hands on understanding of how security vulnerabilities enable criminal activities, reduce user privacy and degrade system reliability.
In this session you will learn to build interesting, educational and easy to use Capture the Flag events targeted at developers and other technical, non-security, users.
We will cover specific considerations for each audience you target, how to create interesting (yet solvable) challenges, and how to make the overall experience friction free for the participants.
You will also learn tools and techniques to create easily repeatable, consistent events with minimal work. We will cover collaborative development, external system integration techniques, tooling and a fully automated deployment pipeline to make spinning up a new CTF as easy as pushing a button.