press release

Lastline Sponsors International Capture the Flag IT Security Exercise and “White Hat Hacker” Competition on Friday December 4, 2015

Lastline Sponsors International Capture the Flag IT Security Exercise and “White Hat Hacker” Competition on Friday December 4, 2015

World’s Longest-Running Educational Hacking Competition at UC Santa Barbara to Test and Expand Participants’ Security Skills for Fun and Cash Prizes; New Twist Features “Crowdsourced Evil.”

REDWOOD CITY, CA — December 3, 2015 — Advanced malware protection provider Lastline™ is delighted to announce its sponsorship and support of the UC Santa Barbara International Capture The Flag (iCTF) competition taking place this Friday, December 4 beginning at 9 a.m. PST (see registration information below). The iCTF competition is a distributed, wide-area security exercise conducted to test and sharpen the security skills of the participants, with multiple cash prizes on the line.

The iCTF is the world’s longest-running educational hacking competition which integrates both attack and defense security aspects in a live setting. The contest is organized by Professor Giovanni Vigna of the Department of Computer Science at UCSB and Lastline Co-founder/CTO, together with Shellphish, the well-known UCSB Security Lab hacking team. The popular event is held annually over an eight hour day, and draws participants from around the world. The UCSB Capture The Flag event features a multi-site, multi-team hacking contest in which several teams compete independently against each other.

“This is not only a great event to test participants on their security expertise, it’s a lot of fun to participate and watch teams compete,” said Vigna. “We’re testing security skills, teamwork and creative spirit.”

Each team maintains a set of services that must remain available and uncompromised throughout the contest, while simultaneously trying to compromise other teams’ services. Each team receives an identical copy of the virtual host containing the vulnerable services, and must find and fix vulnerabilities in their copy of the hosts without disrupting the services. Teams also use their knowledge about these vulnerabilities to compromise the servers being run by other teams. In compromising a service, the winning team can bypass the service’s security mechanisms and “capture the flag” associated with that service.

The UCSB iCTF competition has evolved from a number of previous security “live exercises” that were carried out locally at UCSB, in 2001 and 2002. In 2004, the UCSB iCTF evolved into an international exercise and featured teams from the United States and Europe. Since then, the iCTF has gone through 12 editions (one every year) with more teams and innovative designs each year.

This year’s new twist is that the teams are required to provide one of the vulnerable services in order to participate. This results in a “crowdsourced evil” effect, in which, in addition to the attack and defense skills of the teams, the participants’ creativity is put to the test.

Those interested in registering or more information can contact Dr. Vigna directly:

Cash Prizes

The winner of the competition will receive a $500 US cash prize. An addition $500 cash prize will be awarded to the “best service.” The best service is voted by the teams themselves at the end of the competition. An additional $500 prize for “best dashboard” will also be awarded. During the competition, the organizers will review each dashboard and vote for the best submission.

All prizes are sponsored by the Shellphish team itself.

About Dr. Vigna

Dr. Giovanni Vigna has been researching and developing security technology for more than 20 years, working on malware analysis, web security, vulnerability assessment, and intrusion detection. In addition to his roles as Professor in the Department of Computer Science at the University of California in Santa Barbara and as the director of the Center for CyberSecurity at UCSB, Dr. Vigna serves as Lastline’s co-founder and CTO. He is the organizer of the iCTF, the world’s largest educational capture the flag competition. He is also the leader of the Shellphish team, which is the longest-running DefCon CTF team. The Shellphish team recently qualified in the DARPA Cyber Grand Challenge (CGC) and will play the final CGC competition at DefCon 2016.

About Lastline

Lastline is innovating the way companies detect active breaches caused by advanced persistent threats, targeted attacks and evasive malware. Lastline’s open architecture integrates advanced threat defenses and intelligence into existing operational workflows and security systems. Inspection of suspicious objects occurs at scale in real-time using a full-system emulation approach to sandboxing that is superior to virtual machine-based and OS emulation techniques. Lastline’s technology correlates network and object analysis to achieve timely breach confirmation and incident response. Lastline was built by Anubis and Wepawet researchers and industry veterans with decades of experience focused specifically on advanced breach weaponry and tactics.

Headquartered in Redwood City, California with offices throughout North America, Europe and Asia, Lastline’s platform is used by global managed security service providers, Global 2000 enterprises and leading security vendors worldwide. To learn more, visit www.lastline.com.

Contact

Ashley Kiolbasa
Lastline, Inc.
press@lastline.com