Gamified Security

Gamified security is one of the ways many choose to learn or/and apply network, endpoint and cyber security amongst other concepts learnt during a career in network security, endpoint security, secure development and, of course, cyber security.

Whether you have a passion for catching the bad guys, or pretending to be a one of the bad guys to help out those defending an enterprise!

The whole purpose of gamification is to incentivize people to solve challenges related to security through competition.

The majority of times, those playing are incentivized by rewards that, if used wisely, will help participants improve their hands-on technical expertise and collaboration skills.

There are a handful of different platforms, for example:

• TryHackMe

• HackTheBox

• HoxHunt

• Education Arcade

You can also follow the link here to take a look at a handful of other games!

Another way the industry has pushed for gamified security are capture the flags. Abbreviated CTFs, these are competitions that can last from 12 to 36 hours with time depending on the organizers where a variety of challenges are made, all relating to a specific category, such as;

• Forensics

• Web Security

• Binary

• Reverse Engineering

• Miscellaneous

• and more!

Challenges in CTFs also have been rated for how simple or complex they are to resolve; "Easy", "Medium" and "Hard". Some, can also be categorized as "Very Easy" or "Very Hard".

It has to be mentioned however, that these challenges are rated by the organizers, and sometimes a challenge categorized as "Hard" might be very easy to do if you are a foresics expert or incident responder.

Some other challenges might be simply rated as "Easy/Medium" that you don't know how to resolve because you do not fully understand how to reverse engineer a program to give you the answer to the challenge!