Last week the large-scale five-day cyber training The Standoff organized by Positive Technologies ended.
Our experts also took part in the competition as a Red Team. Six teams participated on the defense side and 29 teams from different countries on the attack side.
Since the event was held on working days amid projects, our resources were limited, and only 3-4 people worked for the victory (as opposed to 10-15 people in other teams). However, our team of penetration testers managed to get into the top three, and the first days before the start of the working week, we held first place.
During the competition, the attackers had to find vulnerabilities in the six organizations’ network perimeter (oil refinery, airport, business center, bank, etc.), penetrate the internal network, and implement various business risks (theft of documents, stopping production).
Some of our employees have participated in The Standoff in previous years, winning in 2016 and 2017.
Such competitions are not unusual for us because they offer tasks to test typical infrastructures that do not contain any non-trivial vulnerabilities. The main difficulty is not the vulnerability analysis but the stealth usage of the right tools.
The primary source of success for us was discovering many web application vulnerabilities and auditing the source code of various open-source products.
To test your infrastructure’s security, you can employ one of the best hacker teams, as proven by various competitions. Please contact us for penetration testing services.
We perform both standard security assessments and penetration testing and more in-depth research, consulting, and building secure development processes.