Introducing Private Hack Notifications

Share Button

Being in Alpha we want to see how things goes among our users activities, how our platform works, what bugs are there and what features can be added to enrich your experience whether you’re web developer, system administrator or security professional.

Alpha stage is for web developing companies, security company representatives, computer security faculty, companies that have information security departments that need continuous training, infosec conferences organizers, CERT/CSIRT as well as any organization such as OWASP or infosec focused to test and see how CTF365 can help them.

Attack Side of the Platform

Up till now, looks like there are serious hacking activity which proves that our idea to build a Security Training Platform for IT industry, is a good one. Teams started to hack into servers developing new attack strategies or using what they already know.

(image courtesy to Shodan CTF365 Team )

CTF365-Activity

As we stated before, we encourage you to setup your fortress with as many web apps and services as possible and let them run. After all like this real internet works. Have no inspiration? Read Get your Team and Pimp that Server.

When a scoring is reported and approved, we only announce that team X have hacked/scored again without pointing at the team that have been hacked and we assign points for the team and points and badges for the user who have reported.

Disclaimer: We know the points system and the way we assign is not perfect but we working on this too and if you want to find out more, you can read CTF365 – Points, Scoring System and Rules.

Defense Side of the Platform

If things for offensive teams are clear, what about the team that had its fortress penetrated/hacked? How CTF365 can help users to improve their defensive tactics to get better and better? How can we improve the way web developers, system administrators and Blue Teams can speed up their defensive counter measures when they get hacked?

We have the solution.

Starting from now on, when a scoring will be approved, we’ll send a private email to that hacked fortress team members letting them know that someone got into their system.

This will help the defeated team to act in a very short period of time to fix their vulnerability, improve their defence tactics and learn from the attacks.

The email will have specific subjects and clear specifications like:

Subject line – If there was found an XSS, then the subject will be something of the form:

 

Subject: CTF365 Fortress Hacked – XSS Founded – Take Action

Hi there,

Your CTF365 Fortress have been compromised by (Subject line – e.g. XSS). The url is:

http://Your_Fortress/ViewProfile.html?hash=localhash%22/%3E%3Cimg+src=abc+onerror=alert%28%22c-base.org%22%29%3E

Immediate action require.

Stay secure while having fun. :-)

 

CTF365 Team

 

You will have a snapshot where possible like the one bellow for TakeOver.

hack-13

Beside that Fortress’s Team can take immediate action, the biggest and coolest advantage is that you don’t have to be connected 24/7 on CTF365.

We’ll take care to keep you informed like in real life threatening/breaching alerts. This will help security professionals, web developers and system administrators to stay focused on their real activities while gets best training environment.

Designed for security professionals, system administrators and web developers, CTF365 it’s a top notch training platform that offers five stars services regarding training, learning and improving offensive and defensive web security.

If you are a business owner or representative that think CTF365 can be a good asset to your company and want access to Alpha Stage, just send us an email to support [at] ctf365.com with Subject line: Alpha Access and we’ll grant your access.

Stay secure while having fun. :-)

Share Button

Marius Corici

Lazy entrepreneur: Thinking a lot to do less, preserving energy, providing simplicity.

You may also like...

1 Response

  1. March 4, 2014

    […] This feature will help our users to focus on their day by day duties without worrying about their CTF365 fortress. You can read more on Private Hack Notification. […]

Leave a Reply

Your email address will not be published. Required fields are marked *


*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>