My blog post on the AWS Internal blog site can be read here.
I was featured in a bonus episode of Palo Alto Network’s Learning Happy Hour
In this bonus episode of the Learning Happy Hour, Mitch and Jason from Palo Alto Network interview me about what it takes to design and run PRCCDC.
Cyber Defense Competition in AWS v2.0 (with a touch of DevOps)
After successfully running ICCDI 2018 (International Collegiate Cyber Defense Invitational) in AWS, we decided we were ready to go for the big one – PRCCDC 2019 (Pacific Rim Collegiate Cyber Defense Competition). In 2013 we were the first regional CCDC to virtualize the competition going from a bare metal server/network infrastructure to VMware vSphere. Prior to virtualizing the competition the blue teams had physical Cisco routers and switches but in the virtualized world these were replaced by easily virtualized firewall/router products such as VYOS and eventually Palo Alto networks in 2016 when they came on as a national sponsor. Running the competition in VMware over the last six years became…
Wouldn’t you prefer a nice game of chess? – Designing and Running a Cyber Defense Competition in AWS
In July 2018 Highline College and Namibia University of Science and Technology (NUST) hosted the 3rd annual International Collegiate Cyber Defense Invitational (ICCDI). In 2017 the competition was held on the Highline College campus in Des Moines, WA and all participating colleges save one competed on campus. Eight students from Politeknik Negeri Medan in Indonesia competed remotely. The competition was run on Highline’s VMware infrastructure and the team in Indonesia connected via VPN and accessed the game environment through VMware Horizon virtual desktops. For the 2018 competition we would have teams of students at Highline and at NUST s well as Indonesia competing remotely again. With teams in at least three different…
Using a Raspberry Pi to Make Students Miserable
The scenario for the 2018 Pacific Rim Collegiate Cyber Defense Competition (PRCCDC) was a power company SCADA system called Scadacs. The blue teams, made up of 8 students from different colleges, had to keep a simulated SCADA network up and running while defending against a group of professional penetration testers, the red team. But we felt it wasn’t enough for the students to be victim of data loss and website defacements, if the red team got into their system they could literally shut off the power. At first I had the idea that if they are managing a SCADA system we need something more than a collection of servers simulating that…