Lessons from supporting 9,500 teams with CTFs | Issue #8
Welcome to issue #8 of ThreatReady!
ThreatReady is your source of actionable truth based on the latest industry news. It offers a people-centric perspective that connects deeply with the challenges and triumphs of leading security teams and strategy.
If the cybersecurity landscape were a chessboard, the ThreatReady newsletter would be your strategic guide to staying three moves ahead of bad actors.
Marketing CTF events 101 📢
We’ve supported more than 9,500 teams with CTF events. Most face two common problems:
After talking to leaders from top-performing teams, like Toyota North America, we’ve spotted common patterns shared by teams with strong CTF participation records:
Learn more about optimizing CTF event participation and results by reading the full article.
But conducting an internal CTF sounds like a lot of work, planning, and time (which security teams don’t have!)
Enter: HTB CTF marketplace.
The HTB CTF marketplace has 100+ challenges and curated packs across both offensive and defensive content—like fundamentals for blue teams and web app security development—which you can tailor to your security objectives.
Our Enhanced Event Management feature streamlines the setup and coordination of team CTF events with:
We also provide a live scoreboard, giving participants real-time updates and insights into performance.
Is it ok to Google answers during a security interview? 🎤
“I remember a time when I was asking candidates basic questions about Active Directory (AD), and I could just tell that they were pausing to Google the answers.
We also got people with fantastic-looking resumes, but when we tried to dig into them, it became clear that they were bluffing or fluffing up their resume.”
That was a hiring experience our Head of Information Security, Ben Rollin (mrb3n), had when he worked as a senior consultant responsible for hiring security professionals.
Ben’s response to candidates Googling answers during interviews?
Building a solid technical assessment strategy into the hiring process.
Candidate assessments are an excellent tool to assess a potential hire's ability to:
But security skills assessments need to be done right.
They should be relevant to the security role, aligned with your hiring goals, and have the right “goldilocks” level of difficulty for the candidate.
This requires a strategic approach and a strong understanding of the role you’re hiring for.
Read Ben’s full guide on how to:
SOC tools & methodologies for your blue team to master 🔨
Blue teams rely on a range of tools to monitor domain security.
However, simply relying on tools to get the job done, and failing to understand the fundamental processes and methodologies behind them, could be a costly mistake for any blue teamer to make.
While SOC tools can help automate and lighten the workload for many defenders, we urge a “techniques and methodologies over tools” mindset.
Monitoring tools won’t be able to spot every case of suspicious activity. For example, with Windows event logs, regular changes to system audit policies may be normal in your organization but could be considered a threat in another.
To apply critical thinking when using a tool, you need to know the methodology behind it.
That’s why we’ve put together a list of important SOC tools and resources for your team to master the methodology behind them.
👉 Share your win with the community
Your expertise and insights are invaluable. And we’re eager to share them with our vast audience of over 2.9 million members.
We’d be honored to feature your top "win" of the month related to your team, department, or security program in the next edition of ThreatReady.
A “win” could be:
The top wins will be shared in the next month’s edition of ThreatReady (and if it’s really good, may get some additional love on social media).
Want to share your win?
Drop a comment below telling us what it is👇
IT Technician | Cloud Engineer | Software Developer | Cybersecurity Analyst | IT Support | CompTIA A+ certified
3mo
great!
SOC Analyst | Intern @ CodeAlpha | Threat Detection & Response
3mo
Great post, Hack The Box! The ThreatReady newsletter continues to provide invaluable insights for cybersecurity professionals. I'm particularly interested in the tips for optimizing CTF event participation. I've been looking for ways to increase engagement and learning through CTFs. The suggestions about creating a dedicated Slack channel and having a post-CTF strategy are especially helpful. Thanks for sharing!