Security Innovation releases next generation of free Blockchain CTF (Capture the Flag) platform
New vulnerabilities, game mechanics, and guidance offer unrivaled skills development for smart contract competency
Wilmington, MA – December 12, 2018 – Security Innovation, a pioneer in software security assessment and training, today released version two of its popular Blockchain CTF, a first-of-its kind platform for Smart Contracts. The interactive “learn by doing” platform leverages the company’s expertise delivering simulation training, like its CMD+CTRL Web Application Cyber Range.
Blockchain technology is nascent and complex, which forces both technical and leadership teams to create a new model for security thinking. “Blockchain projects abound these days, but we can’t fall into the same pitfall that has plagued other emerging technology, most recently embedded IoT” said Mick Ayzenberg, Sr. Security Engineering and creator of Blockchain CTF. “Security must be considered as new functionality is created and that requires specialized knowledge. Blockchain CTF provides experiential learning for smart contract security in an engaging way that players of all skill levels will enjoy.”
Blockchain CTF offers a realistic platform, replete with hints, guidance, and a scoreboard, to help teams hone and assess their skills. It is a Decentralized App (DApp) with a series of vulnerable smart contracts that contain realistic business use cases, ranging from decentralized trust funds to automated royalty agreements. Each contains commonly found vulnerabilities and participants are challenged to exploit them to steal fake assets and earn points. This latest version features new challenges that contain more types of vulnerabilities, such as unexpected balances, not-so-private variables, and additional improvements:
- Challenges and CTF updated to Solidity v0.4.24, so features such as revert messages are now included.
- Ability to launch/relaunch challenges in any order
- Support for Metamask privacy mode
Additionally, Security Innovation has partnered with ConsenSys Diligence to offer direct access to a Mythril Classic security analyzer tutorial that can be used to help solve challenges. "While expertise is critical to conducting smart contract assessments, complimenting it with tools to quickly gain insight into problems yields optimal test coverage. We are excited to combine our powerful Mythril Classic security analyzer with Security Innovation’s CTF platform to make smart contract vulnerability testing more impactful and educate the community on security best practices." Bernhard Mueller, Product Engineer @ConsenSys Diligence
Security Innovation is fluent in blockchain technology, including the areas of smart contracts, decentralized apps (DApps), web3, hardware wallets, on-chain and off-chain scaling solutions, consortium chains, and novel privacy techniques. Blockchain CTF was developed as part of the company’s ongoing commitment to help organizations solve their cybersecurity issues and contribute cutting edge research to the security industry.
About Security Innovation
Security Innovation is a pioneer in software security and trusted advisor to its clients. Since 2002, organizations have relied on our assessment and training solutions to make the use of software systems safer in the most challenging environments – whether in Web applications, IoT devices, or the cloud. The company’s flagship product, CMD+CTRL Cyber Range, is the industry’s only authentic environment to build the skills teams need to protect the enterprise where it is most vulnerable – at the software layer. Security Innovation is privately held and headquartered in Wilmington, MA USA. For more information, visit www.securityinnovation.com or connect with us on LinkedIn or Twitter.
Security Innovation Media Contact: