Capture the Fail: Avoiding Pitfalls When Running Your CTF

Kris Silvers

Kris Silvers

Chris Silvers

Chris Silvers

Speaker Bio

Kris Silvers, M.Ed., is a partner of and head of security awareness and training with CG Silvers Consulting. Kris conducts in-person and virtual training sessions and administers a variety of managed services with enterprise-level corporate clients. She is also the lead organizer for Open Source Intelligence Capture the Flag (OSINT CTF) competitions sponsored by CG Silvers Consulting, which have been featured at GrrCon, NolaCon, BSides Atlanta, and other security conferences and community events.

Chris Silvers is founder and CEO of CG Silvers Consulting as well as a DEF CON black badge winner. Chris’ passion for education and more than 20 years of experience in information security have landed him on the presenter’s stage at conferences such as Defcon, BsidesAtlanta, NolaCon, DerbyCon and GrrCon. In addition to several professional security certifications, Chris has a bachelor’s degree from Georgia Tech and an MBA.

Presentation

Is it possible to contribute to the security community without dropping an 0 day or coding the next nmap? How about running a CTF? Kris and Chris Silvers, creators of the OSINT CTF, share some lessons learned along their journey. They’ve run into some interesting problems — like their scoring engine’s exploitable vulnerabilities to targets changing their attack surface mid-competition — and met them all head-on. Laugh along and learn something as they walk through their toughest challenges and how they handled them.