Suz Hinton

Yeah, and I mean, they do design the CTFs to be really satisfying too. There's nothing more satisfying than running a bunch of checks on a company and you're like, well, you guys are pretty good, but we can't give you a guarantee. It's like what you said, it's very anticlimactic, whereas they design the CTFs to specifically be a game.

Yeah, and I mean, they do design the CTFs to be really satisfying too. There's nothing more satisfying than running a bunch of checks on a company and you're like, well, you guys are pretty good, but we can't give you a guarantee. It's like what you said, it's very anticlimactic, whereas they design the CTFs to specifically be a game.

And so you do get those moments where you just miss something and then you find out the answer and you're like, oh, you know, and then there are other times where you're one of the only people that found something and it feels really thrilling.

And so you do get those moments where you just miss something and then you find out the answer and you're like, oh, you know, and then there are other times where you're one of the only people that found something and it feels really thrilling.

Joe, what were yours like before I got here?

Joe, what were yours like before I got here?

Yeah, I think I did a mix of them. So I did CCDC, which is the Collegiate Cyber Defense Competition. I did that with a team and that was just the defense side of what you just said. So they do hire professional red teamers and there are, you know, like, you know, a team from every single college that's participating and this, you know, I think eight of us, and you have to lock down.

Yeah, I think I did a mix of them. So I did CCDC, which is the Collegiate Cyber Defense Competition. I did that with a team and that was just the defense side of what you just said. So they do hire professional red teamers and there are, you know, like, you know, a team from every single college that's participating and this, you know, I think eight of us, and you have to lock down.

They give you an incredibly vulnerable network. The gist of the story is they've just sacked the entire IT team and they've hired you on as the new IT team. And you have to like basically audit the whole system, find out how it's vulnerable, lock it down. So it's the same as what you were saying, but we don't have to attack anybody.

They give you an incredibly vulnerable network. The gist of the story is they've just sacked the entire IT team and they've hired you on as the new IT team. And you have to like basically audit the whole system, find out how it's vulnerable, lock it down. So it's the same as what you were saying, but we don't have to attack anybody.

But you spend the first day just auditing, trying to lock things down. They interrupt you with business requests. So you're emailing the CTO. He's like, oh, I want you to look into crypto as a product. Can you like give me a report on crypto by the end of the day or something, you know?

But you spend the first day just auditing, trying to lock things down. They interrupt you with business requests. So you're emailing the CTO. He's like, oh, I want you to look into crypto as a product. Can you like give me a report on crypto by the end of the day or something, you know?

And so they're constantly interrupting you and trying to simulate a real business environment where you're just fighting for your life. And then, yeah, like you said, if they just find one vulnerability, which they will, all of a sudden you've got two, two trains on your console and then certain other boxes are boot looping and you're just like, oh my God.

And so they're constantly interrupting you and trying to simulate a real business environment where you're just fighting for your life. And then, yeah, like you said, if they just find one vulnerability, which they will, all of a sudden you've got two, two trains on your console and then certain other boxes are boot looping and you're just like, oh my God.

And you're just like, it's an actual fire right now. And so that was a very stressful one that I did, but the others were more about They're trying to give you experience with everything in cybersecurity. So, you know, there'll be an encryption section where there's puzzles. They'll give you a bunch of encrypted texts and they're like, what does this say?

And you're just like, it's an actual fire right now. And so that was a very stressful one that I did, but the others were more about They're trying to give you experience with everything in cybersecurity. So, you know, there'll be an encryption section where there's puzzles. They'll give you a bunch of encrypted texts and they're like, what does this say?

And it's more about answering the questions and completing as many of the challenges as possible. And they're just smaller toy challenges. And they'll also, you know, challenge you to actually get into a box, for example, and then, yeah, find the flag and report what the flag was. And so I've done a big mix of them.

And it's more about answering the questions and completing as many of the challenges as possible. And they're just smaller toy challenges. And they'll also, you know, challenge you to actually get into a box, for example, and then, yeah, find the flag and report what the flag was. And so I've done a big mix of them.

And then there was the reverse engineering one, which was NSA, and that's totally different again. And so, yeah, it's been a variety. I think I like the ones where I can just sit and tinker. But the cyber defense one, I really feel like I leveled up, especially in Linux. We spent months practicing and running password reset drills and things like that and being able to audit.

And then there was the reverse engineering one, which was NSA, and that's totally different again. And so, yeah, it's been a variety. I think I like the ones where I can just sit and tinker. But the cyber defense one, I really feel like I leveled up, especially in Linux. We spent months practicing and running password reset drills and things like that and being able to audit.