It’s that time of the year when we get to root for our alma mater or favorite college competing in the Collegiate Cyber Defense Competition (CCDC). This year, Palo Alto Networks is supporting all 10 regional competitions, and the national competition, through the donation of our next-generation firewall, which CCDC teams will use to defend their networks. The Academy Team has set up a Moodle training course for competing teams to learn how to deploy and configure our next-generation firewall to defend their competition networks. Currently, there are more than 800 participants from CCDC teams on our Moodle training site. We also have teamed with the Network Development Group to provide CCDC competing teams with access to our NETLAB+ VM-100 lab pod. Teams are accessing these resources now to prepare for this competition.
Just like the “Sweet 16,” the winning team at each of the regional competitions goes on to compete in the National CCDC, where the winning team is crowned the national champion. This year, the national competition will take place from April 13 to 15, 2017 in the Henry B. Gonzalez Convention Center in San Antonio, Texas.
The national CCDC website includes the mission of the program and a brief description of the competition framework: “CCDC competitions ask student teams to assume administrative and protective duties for an existing “commercial” network – typically a small company with 50+ users, 7 to 10 servers, and such common internet services as a web server, email server and e-commerce site.
Each team begins the competition with an identical set of hardware and software and is scored on its ability to detect and respond to outside threats; maintain the availability of existing services, such as mail servers and web servers; respond to business requests, such as the addition or removal of additional services; and balance security needs against business needs. Throughout the competition an automated scoring engine is used to verify the functionality and availability of each team’s services on a periodic basis, and traffic generators continuously feed simulated user traffic into the competition network. A volunteer red team provides the “external threat” all internet-based services face and allows the team members to match their defensive skills against live opponents.
When students enter their competition area, they are told they are replacing an IT staff that was fired for negligence and incompetence. As a result, the clients and servers on their networks may be infected with malware and/or configured insecurely, allowing easy access to external attackers. The CCDC competitions last for 20 hours spread over two to three days. The winner of the competition is the team that can keep its services up the longest and scores the highest points for correctly answering the business “injects.”
The competition is organized into color-coded teams. The Blue Team is the student team consisting of five to eight students, two of which can be graduate students; there are multiple such teams in each competition. The Red Team provides the external threat for the Blue Team. Red Team members are usually professional penetration testers. Last year Raphael Mudge, the developer of Armitage for Metasploit, was a Red Team member at the Northeast CCDC. The White Team provides the referees for the competition and generates the business tasks for the Blue Team. At the end of the competition, the White Team determines the winner based on up-time and business inject points. The Orange Team provides customers with whom the Blue Team interacts. The Black Team is responsible for setting up the competition environment for the Blue Team.
Representatives from our Academy and Delivery teams will be at all 10 regional CCDCs in addition to the National CCDC. They will provide technical advice to the competition teams, information about our college internship opportunities, and information about our great academy program. Additionally, Rinki Sethi, our Senior Director of Information Security, will be a member of the White Team at the Midwest CCDC.
Here is the CCDC competition schedule:
Ignite '17 Security Conference: Vancouver, BC June 12–15, 2017
Ignite '17 Security Conference is a live, four-day conference designed for today’s security professionals. Hear from innovators and experts, gain real-world skills through hands-on sessions and interactive workshops, and find out how breach prevention is changing the security industry. Visit the Ignite website for more information on tracks, workshops and marquee sessions.