RVAsec had an amazing inception last year, and we have been busy at work planning the second iteration, which will take place from May 30th to June 1st, 2013 on the VCU campus in Richmond, VA. This year’s event should be every bit as exciting and full of great opportunities to learn and connect with your fellow colleagues.
In conjunction with the SecuraBit podcast (which is also in Richmond), members of the richSEC organization are putting together a Capture the Flag (CTF) event to be held during the conference. The goal of the CTF is not simply to be a venue for folks to flex their tech skills, but rather an interactive learning/demonstration of real world scenarios that affect anyone that has a computer network.
The team has been hard at work coming up with what we like to call an “everyman” type of CTF. Not elitist, not intimidating and something that won’t take up all of a participant’s time at the con; a CTF where any level of IT participate. Whether you’re a student, a hobbyist, or don’t even have the word “security” in your job description, we’ve got something you will be able to play with and actually learn from! That’s our challenge: to ensure some folks aren’t intimidated by what we have up, but also not to bore anyone with simplicity.
The CTF’s goal: everyone involved is challenged, forced to use critical thinking (not just push the easy button on a tool) and has “ah ha!” moments. We want anyone to look at a challenge and say “That could really happen in my environment! Let’s fix that!”. Security professionals who have not had firsthand experience with how penetration testing takes place will also see some of the attack vectors that can be used (not just MS08-067). The penetration testers and reverse engineers out there will hopefully find themselves challenged as well.
We will provide more information as it becomes available. If you are interested in helping please let us know!