Gaining experience through CTFs by Angela Ramos

[Music] [Applause] all right good afternoon everybody um as you mentioned uh my name is Angela and uh hopefully you guys are all in the right talk um which is going to be gaining experiences through ctfs but even if you're like oh crap I'm in the wrong talk stay because you might learn something new um so it's going to be a good talk um and let's just go ahead and get started so a little bit about uh the agenda um we're going to go over kind of like the five W's the who what when where and why um of ctfs what you can do for your next steps and uh I'll leave some time for question

and answers if you guys do have a question at any time by all means uh raise your hand and I will um answer any questions um yes all right so what is actf how many of you in this room have ever participated or currently is participating in a CTF oh wow oh that that gives me chills guys that's awesome um a CTF is really a generic term term to just really describe a cyber security compet competition it is a gamified version of um it also is like a gamification of learning but it also is supposed to be a lot of fun and um the capture the flag events do have some rout in like some military history but

I'm not going to dive into some of that but when um when you're looking for information during h a CTF you're going to be looking for flags and sometimes the flags are hashes sometimes the flags are files sometimes the flags are access gained to a system um or a variety of different um different kinds of answers and the the purpose of the flags is to demonstrate that you were able to successfully um complete the challenge and so once you get that flag typically you would put it um into some kind of scoring system and then you get points based upon that uh whatever challenge it is sometimes it could be a 10-point challenge sometimes it's a 100 Point

Challenge and sometimes it may be like a 500 Point Challenge and they're all based upon difficulty um of varying levels and so then that's where it kind of becomes competitive in in a healthy way and if you're um if you get the most amount of flags um for whatever competition uh you are usually a winner and awarded a variety of prizes is some ctfs um just by winning you get bragging rights some ctfs you get money some ctfs you get jobs some T ctfs you get headaches some ctfs you get a lot of experience so ctfs are a very safe way of learning cyber um if you're brand new or if you are just uh looking to transition from

um say it into cyber or looking to um get into cyber from something completely different you want to just do something different in your in your life uh just real quick this photo this photo was actually taken at um my first ever CTF when I was um going to the University of Maryland getting my Bachelor's in cyber security and funny funny thing the guy that I was standing or sitting next to I I can tell you right now I will never forget this ch challenge this was 2013 that's 11 years ago I was hacking a word site press what did we just talk about on Thursday WordPress I will never forget that challenge um because it it drove me nuts

but the guy next to me he was wearing a bside shirt I had no idea what what that even meant and so it is kind of funny to me on the inside that life is kind of coming like full circle because here I am at bside talking about a CTF so you just never know where where these things are going to take you so if you're if you're getting ready to get started in cyber how many of you are trying to break into cyber a couple of you okay well this is the way I kind of think about it when I talk how many of you are my students okay so I am so just a side

note I'm so happy that my students came today because they hear me talk all week in the fact that they want to spend a Saturday hearing me talk even more I it it just brings me tears so thank you guys for coming out um but if you think about it we're lucky enough to all live in Florida actually does anybody not live in Florida did you come did did you guys just come here for the bides oh well welcome to Florida so maybe where where are you guys from Georgia Michigan so in Michigan when do you start Beach getting ready for Beach season oh okay so very short okay yeah well for the rest of us we are

fortunate enough to live in Florida where it's pretty much Beach season slash bikini season all year round but you don't start preparing for Beach season or bikini season the weekend of Memorial Day to uh stop eating fast food maybe go to the gym once and be disappointed that you can't get into your bikini for the summer I kind of use that same thought process when it comes to getting into cyber so maybe some of you and by the way this is an AI generated uh image I am not that talented so if this is you and that is your goal way Beyond up on the top of the mountain and you want to get into

cyber but you don't see an easy path one of the ways that you can uh progress even if you're new or you're seasoned and you want to even maybe climb a higher mountain ctfs is um a path that can get you there so um just think about how if you want to get to that top what are you going to do between now and then um don't wait until Memorial Day weekend to to think about um trying to get in the bikini season and really what I'm trying to to say is especially how many college students are in the room do not wait until May right before graduation to start thinking about how you're going to get

into cyber these are the kinds of things that you should be thinking about your sophomore year your junior year your senior year but if if and if you're in the middle of a transition to from a career um you can always start it it if you already have your uh a goal in mind so a little bit about CTF history this is not a uh this is not a everything CTF history-wise but as far as we know the first CTF as we know it started back in 1996 at Defcon 4 was anybody at def con 4 no can you believe that was like almost 28 years ago kind of crazy um the the first CTF at Defcon was completely I

wasn't there myself um I just graduated high school I was somewhere in the Army somewhere didn't know about Defcon then um but it was from what I understand it was completely unorganized unstructured no clear scoring system it it was just kind of like the Wild Wild West nobody really knew what was happening so but that was kind of like the first known CTF and then it wasn't for like maybe another six or so years did um a competition called CCDC anybody participate in CCDC no anybody know what CCDC is okay we'll talk about that that's okay it's the Collegiate cyber defense competition it is a competition mostly or it is geared towards college students um and it's a competition that uh

colleges across the United States will participate in and that started back in 2005 cyber Patriots started in 2009 is anybody in high school and participated in cyber Patriot anybody have high schoolers that are thinking about going into cyber anybody with kids if your school has a cyber Patriot you may want to look into it it's a program ran through the air force Association and it is like an after school club and they teach the students purely defensive they don't teach them any offensive cyber stuff but the idea behind cyber Patriot is to it to get high schoolers interested in cyber before their interest takes um a turn to the dark side um they were trying to

capture the interest of high schoolers that have that Natural Born curiosity and they want to know more cyber Patriot is one of those ways that you can learn how to do defensive cyber without hopefully you know ruining any potential uh jobs in the future by any an authorized hacking um and then we have another one called the US cyber challenge that came about in 2011 is anybody hear of us cyber challenge no NCL National cyber League also started around that year anybody part of NCL yeah of course you guys are it's it's required they're getting graded for this um and then we have something called Pico CF anybody here Pico CTF all right this is a real beginner

friendly one um it was developed um out of MIT and we'll talk about this one being a very very very beginner friendly one and then um most recently us cyber games which of course I'm a part of how many of you have heard of us cyber games okay awesome I'll be talking a little bit about that and then what do we have Beyond ctfs are here to stay they are actually getting um unlike the first CTF where it was disorganized and no Real Clear Vision and stuff like that they are becoming so streamlined that um in specialized ctfs are really going to be um uh continue to be a part of the learning process so how many of you have ever

heard the question or the statement ctfs do not um prepare you for for real life work has anybody ever heard that okay that is a common um a common thought that either ctfs are not practical um I want to address that and and um try to convince you otherwise if you've never seen this chart before I do have a QR code to the website this is a chart that I um use very often and it is from the um the nice framework and it is a way of categorizing cyber security jobs because ctfs have ctfs have become um so uh streamlined that they are actually starting to align them with all of the different categories with the nice um

framework and when I say nice I don't mean like naughty or nice I mean the national um National Institute for cyber security education I could have get the ey wrong but it is actually for cybercity education and so when people say ctfs are not practical I want to just kind of highlight some of the ctfs that are out there and how they do map to the nice framework so the national cyber League which is a CTF that is only open to high schoolers and to college students um that CTF is aligned with operate and maintain and protect and defend so the skills that people are going to be learning uh while participating in the NCL are in

alignment if we go back to this slide to the um operate and maintain and uh protect and defend so it's going to line up to those categories CCDC also aligns with operate and maintain and protect and defend CCDC is a college only level uh cyber competition then we have cyber force has anybody ever heard of cyber force cyber force is something that is coming from the Department of educ um Department of energy and they also follow operate and maintain and protect and defend NSA code Breakers anybody ever participated in NSA code Breakers that's another challenge um I want to say that one is only open to college students as well and faculty and staff but this particular CTF is a

little bit different because it goes into the investigate and then securely provision so the challenges are going to be completely different um than what you would like see in a CCDC or cyber force and then the US cyber challenge which happens to be one of the first um ctfs that I ever participated in um they also do oversee and govern and then securely provision and then uh and this is not an inclusive list these are just some of the ctfs that I'm familiar with I've been a judge in cyber force um I'm a coach for NCL I participated in codebreaker for some reason we don't have a CCDC team but I'm not going to point any

fingers that's okay next year right next year and then of course us cyber challenge was my first CTF and then us cyber games um us cyber games is completely different than these other CTF or um competitions where us cyber games they also align with the analyze collect and operate and investigate operate and maintain no oversee and govern but protect and defend and then securely provision so this is why this CTF or um is at a much different level than some of these other

ones so who who participates in ctfs so um I come from the dod so I know anytime that I talk to leadership they always want the five ws so when I thought about this I realized there's actually two different who's there's the the people who are organizing the ctfs and then there's the people who are participating in ctfs So within the um within the government um do we have any federal employees in the room have you guys ever participated in the presidential cup are you guys aware of the presidential cup the presidential cup is a specific CTF open to any federal employee reg regardless are you are you 2210 are you guys 2210 so if you are any other field

besides like computer science or a 2210 and you want to get into cyber um every year the uh the President's Cup opens up and you can actually compete within that it and it's only open to federal employees um along with other government agencies um as mentioned the NSA code Breakers um that is an annual CTF DARPA also has a CTF and siza is the one who uh runs the presidential cup then we have corporations um here locally um we participate in an annual CTF at Raymond James and this year we're going to win yeah yeah all right come on guys remember all that chearing at the beginning um but Raymond James um we participate here locally with that then

there's things called like boss of the sock which is also like another takeoff on uh a CTF and then we have um colleges and colleges can kind of get a little complicated because you're either an ncae school or you're not and some ctfs will depend on which college you go to so as long as you're going to say UT USF um St Leo um um I I think HCC is also ncae and some of the other community colleges there are more opportunities because of that partnership with the NSA uh the NCL National cyber League once again you either have to be in high school or um College to participate in that and then CCDC and then for nonprofits there's

actually quite a few um nonprofit ctfs that are ran how many of you have heard of Trace labs all right so Trace Labs is a um nonprofit we'll talk about them in a little bit um oasp also has a CTF um in the form of Juice Shop you can turn it into a CTF I wouldn't offer any prize money because all the answers are available online but it is a fun way of um of learning and then um some other nonprofits as well so who can you who can participate this part kind of got a little I I was trying to figure a good way to to segment the different ways that you can participate but you can be

a college student and participate in a ton of ctfs that are only available to you while you're in college so if you are a college student or you have a college age student at home that's considering maybe cyber ctfs can be a really good way for them to to get involved um career transitions I know for me I spent most of my life um in it until uh one thing led to another and then I finally made the transition into cyber or maybe a current professional maybe you're a teacher maybe you're um some other field and you're like you know what I'm tired of manual labor I want to I want to go and work in in

cyber I find it interesting um so anybody can really uh participate into uh a CTF and um this is just a screenshot of us cyber games uh we're going to be kicking that off that is something that is open to we have an age restriction um but it's typically an uh College college age up to like 27 I think but I I can talk more about that as well so what kind of ctfs are even um available so you can participate in a CTF either as a team or as an individual uh so that can vary on which kind of CTF you participate in there are there's something called Jeopardy style red versus blue and then mixed which is

um a combination of Jeopardy and red versus blue so with um how many of you prefer team games for ctfs oh oh really I thought it would be more maybe you guys don't have good teams H um for me my first my first CTF it was a team um because I didn't really know what I was doing um I learned a lot from from my team members um because a CTF can be intimidating but if you do an individual game sometimes individual games could be more fun because you can learn at your own pace and then maybe your classmate or your coworker doesn't have to know that you really don't know um things that maybe they thought you

would know so it does expose some um insecurities uh while you're doing ctfs because you may think you know everything but then you get behind a challenge and you're like wow you start rethinking your your your career choices and everything because you're like how how am I even supposed to begin to solve this um so so you can decide which on to participate if you like team games or individual games Jeopardy style is one of the most common forms of a CTF that you're going to see these are typically yeah bless you uh these are typically Standalone questions that are broken up into different categories and these types of ctfs vary they can either be um

a couple of hours they can be a couple of days a couple of weeks um or even a couple of months or even longer it all just depends on who is hosting that kind of CT um and then we have what is called red versus blue um I'm going to highlight some of the UT students because recently we were able to participate in um when I say either a CAE school or nonae School CAE schools are the center of academic Excellence which is a designation from the NSA and it's kind of like a stamp saying that um the curriculum meets the NSA standard um for for for um higher education and so once you if you're part

of a CAE School you get to participate in something called the ncae Cyber games and this is actually a red versus blue type of CTF mixed with Jeopardy style so when people say that ctfs aren't practical the students were not even able to access some of the challenges until they fixed the blue team infrastructure because the red team purposely took down most of the services and they had to figure out how to get the services up and even in order to even compete in the Jeopardy style uh CTF so they had to learn how to um get SSH up and running um DNS up and running um pretty much like all of these Services which is uh more based on the

blue team and the defensive practices and they also had to change the default passwords um so it was really cool because as they were also doing the competition the red team was actively trying to take down their services and this particular CTF was a what was it like 7 hour long it was a one day CTF that took about seven hours but at the end um it it was great so what are some CTF categories so the the most common that you're going to see are going to be things like uh web exploitation binary exp exploitation um cryptography ents um password cracking uh forensics and networking these are the most common and what I like about the various CTF

categories is that you may have never known that you liked forensics until you try CTF um or you may realize that you never want to go into forensics ever um because like last semester one of the Fe back that I got for having the students do NCO they're like yeah I don't want to do this they're like I just want to do policy I'm like that's great but if you don't understand some of this you know to be able to understand policy you're going to need to see how easy it is to crack passwords you're going to have to see the side of it to be able to make sure that you understand the policies

that you're either writing or supporting so you never know and you might discover something about yourself that um you didn't know before so it it's there's there's really no risk in participating in ctfs um and and you can kind of explore the various areas because if you're sitting in here and you're wondering if you're what you want to do in cyber the answer if somebody asks you what do you want to do in cyber security the answer should not be I want to do the Cyber um that's really really vague so it's this is a way to kind of think what do you want to do because some people if you maybe they really thought they

wanted to be in digital forensics but when they do this they're like yeah no I don't want to do this it's better to find out now than to find out three years into your job and then the life of you is just sucked out you dread going to work every day um figure these things out now before there's uh it's less risky so um there's a couple of so besides like the typical CTF categories um there are what I call like targeted ctfs and this is where ctfs IC going in the future they are becoming more and more specific so like for example example the miter CTF it is all on embedded systems um and it's a

very very long CTF I want to say it's either a one or a twoyear CTF it's not one of these ones we're going to do it in an afternoon and be done there is a social engineering CTF that is um hosted by Temple University so only uh college students can participate in it but this year's theme did anybody participate in the social engineering CA the theme was tax fraud and you're supposed to try to socially engineer people with taxes especially come April don't forget to do your taxes we also have these events called hack the port ha hack the hospital or hack the rail anybody ever hear of these events they are so amaz you got to read

about hack the hospital um our good friend over at UCF they won that CTF anybody want to guess what one of the flags was so typically a hash like Hash a file whatever in this CTF it was a baby part of the it was a fake baby it was a fake baby it was a fake baby but um part of the CTF was could you take a newborn baby and smuggle it out of the hospital and anybody who has kids that's like a parents wor nightmare um having your baby stolen the team at UCF was able to disable all of the sensors that are put on newborns they were able to like every security measure from the

nicku to the front door they were able to disable it and smuggle out the baby um so that is beyond like um hey crack this password or you know look at this peap file and they also um are going to be doing another event in Fort I want to say it's Fort Lauderdale and they're going to be doing a similar thing where it's hacking the port and they're going to try to hack all of the uh the port controls and they did the same thing with um hack the rail which was with Amtrak and they were trying to hack everything related to the railroad hack a sack and not hacky sack um you know anybody

know we're people back in the 80s that grew up understanding this stuff okay hacky sack hack aat is actually uh anybody here of this event this was um at Defcon and they were actually live hacking satellites that were already in orbit and the winners of that CTF I want to say I could be off but I want to say it was like almost like a $10,000 prize this is something that anybody can participate in you don't have to be in college and then the other one is Trace Labs um the next this one is OS and this one to me is super super exciting this is where you use ENT which of course is open

source intelligence you use those same techniques that we do in cyber security but instead of using it to map out a network or map out an organization you actually use those same skills to find real life missing people and um and it's really cool because the flags for this competition is pieces of intelligence that you can can give to the judge of the CTF and if the information is uh really good information they will actually pass it along to the investigators that are uh looking into the case in order to hopefully solve um that missing person there is a an event it's going to be on 420 um and I just got to know if if you

join the trace lab Discord they have all the details in there um it is $20 to participate but that ru they're not making money off of this it's really to go towards the infrastructure and they limit it to um like 300 people so if you're interested the tickets go on sale April 88th but just join their Discord um and um they'll have all that information but this one is a a lot of fun and and um we will be participating in this one as well for the ladies in the room I just got permission to post this I don't have the URL yet but I can get it to you if you needed for the ladies

in the room for uh us cyber games so just real quick about us cyber games us cyber games um started in 20 uh 2021 and the goal of us cyber games is to build a competitive CTF team on an Olympic level and um and right now I'm a pipeline assist I'm part of the pipeline program so I'm helping all the people who did didn't it make the our primary team and helping them prepare uh for next season's team and we do that through um virtual trainings and sessions and ctfs and all kinds of things to get them ready for the next go around well as we all know and if you look to the left or

to the right there's not that many women in cyber so part of what the US cyber games is putting together is an all women's um competitive uh CTF team and their first competition will be in Tokyo Japan in November so if you know any women who are interested in partic like the main us cyber games they will be participating in ctfs in Chile Italy um I want to say they went to Denmark they travel all over and the people who um are uh the we call them cyber athletes they are college students or just recently graduate uh college students and if you are interested by all means see me anybody going to whis next week in

Nashville no all right well whis women in cyber security will also be having a CTF um since nobody's going to be there I guess the details won't matter because I'm trying to find out if you can participate virtually with this CTF or you have to physically be there but um it is being sponsored by the national cyber league and I will be up there being a CTF F coach for um for the whis convention so that's going to be a lot of fun but seriously anybody who's interested in either one of these please see me we have another another category of CTF so we talked about the Jeopardy style red versus blue targeted type of

ctfs this one is kind of a new category as well and the only one that I'm familiar with is um it's called wicked six and it's been around for a couple of years and we just finished um the the latest season and it is a 24-hour hackathon basically um from all over the world and it's only done once a year for 24 hours and um I got a brag on the US cyber team um we had players from Spain Philippines Malaysia um the United States um all various countries um but our team um won the all women cyber team tournament and that's me on the right but honestly it was it was the it was

the players that did all the work but it was cool because you would actually be able to stream us hacking um and watch our techniques and and see how it how how we work through some challenges so here's I there are so many ctfs I could not actually put them all on a list it was actually really difficult so um I tried to break it down to like okay okay if you're in high school what can you do if you're in college what can you do um I talked about most of these this one is another good one that I recently found out about but it is the global Collegiate pen test competition cptc um so most cyber um comp ctfs are

typically like more blue team and defensive um even if they are Jeopardy style but this one is specifically a pentest competition for um College and then us um the cyber force they are kicking off another round of their CTF called conquer the hill and I want to say the registration for that CTF is now open um so then I was thinking okay well if you're not in high school and you're not in college what are you well you're either a noob or you're a pro and so if you're a noob there are a lot of options um picoctf is um something that is like super easy you can get started on that today and try it out um Google CTF um

that doesn't happen all the time Pico CTF you can just log on to their website and start try hack me hack the Box um OS Juice Shop uh sans's holiday hack um is also another good one uh Defcon in their CTF and then um the the one from DARPA that I believe this is also another twoe CTF but it is an AI CTF um and it looks really really interesting um it's probably beyond what I had the brain capacity for now but if if you are looking for some like really challenging stuff definitely look at the ax uh CC so there are seasons of ctfs as I mentioned sometimes it's a onetime event sometimes it's a rolling event uh

sometimes it's seasonal like the sand holiday hack every year that it's a a holiday theme and they have a ton of cool challenges um then this one is more like a programming but it's called the Advent of code and then depending um also some of them are semester based so us cyber challenge it happens every single fall every single spring NCL also every single spring every s single fall and then hack the Box will have a university CTF usually like maybe once a year is what I've been seeing like once a year they'll have like a university CTF uh this is just a screenshot of the cyber cyber force competition so um the conquer of the hill is the one that

they're getting ready to start they kind of focus more on the critical infrastructure um when I was a judge for the last uh CTF with them it was actually um rather impressive it was a multi-day um kind of CTF that they were focusing on the security of the smart uh readers for your home for um for meter reading and then this is just a screenshot of CTF time this is another option that you can um participate in ctfs whether you're a college student or a uh seasoned Pro you can join a team or you can make a team or you can be an individual um but this is something that you can just hop on take a look at um

what challenges are coming up and um sometimes the qualifiers um for other bigger ctfs are being used on CTF time so you uh if you want to get started this is something that you can easily get started on

today so why participate in ctfs some of you guys may look a little familiar in these pictures um these photos are actually this is from the Raymond James CTF and then this is from our first ever CTF that we had at the University of Tampa and that's a CTF from us cyber challenge it's fun it is uh create your creative thinking um is activated you learn by doing how many of you like to sit there and listen to a lecture or go to a boot camp and all you do is hear the instructor talk it's really hard to learn that stuff right if you're not behind the keyboard you get to do this in a safe learning environment as I tell

my students all the time some of these CTF things if you do them on your own for fun you can land yourself in jail so use these things as a educational way to learn uh time management yesterday during um during NCL students were getting frustrated they're I'm like how long have you been spending on a challenge ah like 30 minutes that's too long set a timer take a break know when to come back and I'm like and the reason why you have to understand time management has anybody ever worked in a sock yeah and how long can you spend on one alert and then next thing you know you miss lunch you miss dinner crap it's

the next day and you're just in a Zone you got to learn time management and T and ctfs almost force you to do that you get um exposure to different domains um that should say domains with the last CTF that we did uh two weeks ago some people have never me never messed with DNS so like for them to get it up and running there was a lot of learning and a lot of challenges but you got it was exposure and you might not be an expert on it you know the first go round but it also tells you what you know and what you don't know and just how much much more you have to learn

teamwork I absolutely loved seeing the teamwork um through some of these challenges some of them were in very deep thought and they all working together and they're like well did you try this no man I didn't try that well did you try that no that didn't work either because the same thing when you're working on a problem in the work uh Place sometimes you're going to have to depend upon your teammates because not does anybody in this room know everything and it's it's going to be the same thing so when you're in the sock or whatever field you go into or whatever role you go into you got to learn teamwork you got to know how to be able not even be

able to work with a team but also be able to communicate to that team and say look I'm trying to solve this challenge I can't solve it well what have you done I tried everything well what what did you do everything and then Cross Your Arms huff and get upset same thing in the work if you're working on an alert or something and you ask for help you got to be able to say look I'm trying to get the DNS server back up and running I tried this I looked at this log I'm checked for this service and I did this and I did that I still can't get it to work that is way better for

communication and teamwork than just just get it working for me and and and you see that you see that in the early stages of a CTF where people get frustrated and and need to learn how to work uh with one another it is for sure a mental sport um you know a lot of us how many of you played Sports in high school or college oh that's actually pretty good so how many people were in banded all right there's my people see maybe maybe that was my problem I didn't participate in enough sports in high school um because I I I was I was in band um and it takes a lot of mental energy to to do this and it becomes um

it can become draining but by the by the the next day and you reflect after your CTF what did you learn what did you not learn um it also allows for a time of reflection and then of course fun um every CTF that I've been a part of um there's been laughter there have been arguments but at the end of the day everybody comes together and says you know that was a lot of fun um [Music] so once again here's my first CTF we actually did win now some people in the room would probably be upset that the gentleman in the middle and the person on the left which is me um would win because I hear this all the time oh

they're like 50 years old that's that's not fair you can start in cyber security at any age there is no restriction I was I don't know how old I was I was probably in my 30s um I was an adult I was a um an adult learner um going back to school never heard of a CTF until I was told about it through my coworker and and I'm like what the heck is a CTF he's like well let's let's work on some challenges and I had tons of experience in it but I had zero years of formal formal uh cyber security training um but our team our team was called Groot so when you guys see Groot in my

office it's because of that but we did end up winning um that particular CTF and um and it La left a lot of lasting memories and is also why I'm so passionate about WordPress all right so what are your next steps so commit to learning whatever uh whatever that means to you set up your own virtual machine and tear it down set up your own virtual machines tear them down do that I don't know how many times 50 60 whatever keep doing it it gives you a lot of practice sign up for a CTF uh us cyber games um it does start on May uh 30th also for any uh ladies in the room uh anybody here the

50 project couple of you okay so uh the 502 project I could talk about that at another time um but uh I am going to be the team captain for the Cyber sages Squad and it will be for just women over 30 who are either uh moved away from the technical side or trying to do a transition um into into cyber we really don't care about your age we're just trying to um make us feel more comfortable about ourselves so um but what are the next next steps the next next steps I would say volunteer um volunteer to be a judge for a CTF they're always looking for uh volunteers um be a mentor or a coach for

cyber Patriot us cyber games is currently recruiting for team coaches um and um we have a coach for all the different categories so we have a a coach for for web um binary exploitation we have like a coach for all of those so if you're looking for a um to be a judge volunteer for cyber Patriot um start a cyber Patriot chapter at your local high school um the high schools are very receptive to this start a CTF in your workplace um ctfd is a great platform for um creating ctfs and then um also volunteer to create challenges and then with that um this is a QR code to my LinkedIn um I'm always posting new

Cyber uh or ctfs and other related information and uh we have time for a couple of questions if anybody has any [Music]

[Music]