What is this?
Retrospect Labs and the Adelaide AISA committee have partnered to provide a competition-style incident response exercise in support of the AISA Adelaide Cyber Security Conference.
One week before the conference, starting on Wednesday 18 August 2021, participants will be provided with a scenario that simulates a real-world incident. The exercise will include forensic artefacts that participants have to analyse to understand what malicious activities have occurred and how the adversary undertook those activities (the TTPs they used). Participants will have to undertake standard incident response activities, such as identifying IOCs, providing mitigation/remediation recommendations, and assisting media/legal teams.
Throughout the exercise, teams will submit certain tasks common to incident response activities. A panel of expert judges will use these tasks to evaluate each team's performance during the event, and will name a winner/s during the panel discussion at the conference.
When is it running?
The exercise officially kicks off at 9am, Wednesday 18 August 2021 and ends at 9am, Wednesday 25 August 2021.
Who's this for?
All participants are welcome. People with some SOC/Incident Response skills (some familiarity with common incident response tools or incident response frameworks) will have an advantage. Teams can be from one to five people.
How do I join in?
Participants can register as a team via the below Eventbrite link:
Once registered, teams will be given access to Retrospect Labs' cyber security exercise platform, named Gauntlet. Information (injects and forensic artefacts) will be distributed via Gauntlet.
What else do I need to know?
Participants will be able to control the pace of the exercise and will have the flexibility to compete outside of work hours. You can start the exercise whenever you like and work through it at your own pace, but everything must be completed by 25 August. Participants won't be judged on how long they take to complete the challenge.