Cyber ranges

Infosec Skills Monthly Challenge is here: Are you ready?

September 1, 2021 by Elise Chan

Join the quest for new skills, bragging rights and over $1,000 in prizes. Each month, we’ll release a brand new challenge to put your cybersecurity skills to the test. These challenges will include three hands-on labs within our realistic cyber range to help you put theory into practice. 

Complete all three labs and you’ll receive an official certificate of completion. If you want to win more than bragging rights, be sure to share your certificate of completion on LinkedIn and tag @Infosec for your chance to take home the monthly bounty. What prizes are up for grabs? 

Every month, we’ll be awarding $1,000 in prizes to three randomly selected winners: $100 Amazon USD gift cards, Infosec hoodies and 1-year subscriptions to Infosec Skills.

Get Started

Who can participate?

Anyone with an Infosec Skills account can unlock the monthly challenge. Don’t have an account? No problem! You can create a free account in just two steps.

With a free account, you’ll have access to the monthly challenge and other featured content to help keep your cyber skills sharp.

Now announcing the Infosec Skills September Challenge!

Attention wearers of many cybersecurity hats: this is the challenge for you! Learn how to use the Sandworm APT, explore the ins and outs of secure and insecure protocols and how to code securely with Javascript. Launch this month’s challenge now!

Infosec Skills September Challenge: Insecure protocols, secure coding and Sandworm APT | Free labs

Lab #1  — Security+: Secure and Insecure Protocols

Security by design is an approach to software and hardware development that aims to construct systems free of vulnerabilities by implementing best practices and safeguards. However, it is relatively new as a notion, and prior to it, the aim of software developers was more oriented in functionality than security. The same principle can be seen in protocols such as HTTP, FTP, or POP. Because they apply no data encryption, these protocols are often referred to as clear-text protocols. Anyone who is intercepting the traffic between two entities that communicate using clear-text protocols can see the data flowing through the network in plain text. These protocols gave rise to attacks such as Man-in-the-middle (a malicious actor impersonating legitimate users) and sensitive data exposure. To cover the security holes of clear-text protocols, versions that applied encryption to data were developed.

Lab #2  —  Secure Coding Lab: Javascript

This lab covers multiple secure coding errors commonly found in JavaScript, including DOM rewrites and the use of the eval() statement.

Lab #3Sandworm APT

Sandworm APT is an advanced hacking group that has been active since at least 2009. In this lab, we’ll take a look at and emulate some of the techniques that Sandworm has used in the past to compromise, pivot from and destroy a server.

Start The Challenge

Posted: September 1, 2021
Articles Author
Elise Chan
View Profile

Elise is a communications professional with six years of experience in a variety of industries — ranging from insurance to website development. As a Product Marketing Manager at Infosec, she focuses on helping cyber professionals discover and understand what training is best for their team.

Leave a Reply

Your email address will not be published. Required fields are marked *