Trend Micro CTF
I participated in the Trend Micro Capture the Flag hackathon a few days ago with my colleagues from Bestseller. It was part of the Trend Micro Enterprise Event 2022 program. We started early on Wednesday at 10 o’clock and, throughout the day, had an opportunity to learn more about the Trend Micro Vision One platform while solving CTF challenges. In this article, I want to share my take on this hackathon.
So, as mentioned before, we started at 10 o’clock on Wednesday. The CTF organizers divided people into pairs. I paired up with my SOC colleague. It was a natural choice as we work together daily. I had never participated in a live CTF before, so I was naturally nervous.
In total, there were seven teams from different companies. Some people already knew the Trend Micro Vision One platform well. However, our SOC team had used the platform for a few months, so we weren’t experts. I would sum up our experience as an occasional lookup with a few hours per week.
The CTF consisted of 3 chapters with approximately 30 questions for each part. After each chapter, you had to connect the attack story correctly to proceed to the next one. When I say attack story, I mean how malware infected the endpoint. Therefore, the timeline had to be connected correctly, like puzzle pieces.
The first CTF chapter was a bit challenging. I felt like other teams rushed further and further while we were getting behind. I kept monitoring the score, and it wasn’t good. However, our team (team 7) recovered after lunch, and we started moving up on the leaderboard. I have to say that the comeback always gives me an adrenaline rush. We landed in second place!
The other two chapters were better. I think what helped us in the CTF was the constant iteration. With each new chapter, we uncovered the required information differently. When we got stuck in some instances, we paused and tried a different approach. I think our differences complement each other, and that helps while problem-solving.
Trend Micro did an excellent job organizing the CTF. The staff was helpful and clearly explained the rules and how to access the CTF platform. Throughout the day, they monitored our progress and even offered some hints when teams got stuck.
As the team that landed in second place, we also received a prize: a Trend Micro Maximum Security license. It’s a nice gesture.
To sum up the experience, it was a great day. We had fun, and most importantly, we learned a lot about the Vision One product.