We're flipping the script on security awareness training for your dev team! How?
By showing developers the art of breaking things – yeah, that's right! In diving into the mindset of attackers, we're fueling developers with the ability to better understand vulnerabilities in order to craft ironclad code. But we're not just teaching it through video - though we do have 15 new, in-depth developer trainings, too! What we're adding to the mix in addition to our new video trainings especially for coders are our Wizer CTF Challenges.
What is a Wizer CTF Challenge?
These types of CTFs - or Capture the Flag - is sorta like a digital treasure hunt where participants hunt for hidden text (a.k.a. “flags”) as evidence that they successfully manipulated the source code to their advantage - either as a competition or for learning. Our Wizer CTFs are designed to be both a little friendly competition AND educational! And to top it off, tailor-made just for developers.
The goal of our CTF challenge is to provide hands-on exploration to help dev teams learn to develop code more securely - reducing vulnerabilities (and even bugs!) before launch! Who doesn't want that? As our founder Gaby likes to say, "Secure code is quality code."
How Does It Work?
We'll have six active challenges live at any given time and will release a new challenge every 2 weeks. At the date of a new release the oldest live challenge will be retired and a short takeaway provided by the mastermind behind it all, Wizer's own CTO, Itzik Spitzen. (More details on the writeups in a minute.)
As our CTFs are educational fun - and we want to make it relevant to as many as possible - currently challenges will be focused on Javascript with the complexity of the challenge varying for each new one released.
When you land on a new challenge what you'll see includes:
- How spicey the challenge is (aka difficulty level)
- How many attempts have been made to that point
- The coding challenge
- The area to drop the payload
- Public leaderboard
There's also an opportunity to share with your colleagues and an invite to join the community on our Discord server to hash out trouble issues and find support.
Do the Writeups Give Away the Answers?
As mentioned earlier, when a challenge is 'retired' that simply means the leaderboard will no longer be updating, but the puzzle will still be accesible to solve. However, the retired challenge will also have a writeup, but it doesn't give the answer straightout - where's the challenge in that? We don't want to spoil the fun for any who come along later.
Rather, the recap provides takeaways to help drive home the lessons the challenge aims to highlight. Plus, Gaby and Itzik provide a live recap as well for those who prefer a little interaction. Check out our first CTF writeup here or catch a snippet of the recorded live below.
Who Can Join?
Curious to give it a go? Our CTFs are open to any coder of any level. If one challenge isn't spicey enough, check out a few of the others. Are you a noob to CTFs? No problem - we have something for every skill level. And staying true to our Wizer Mission to make security awareness available to everyone any developer can access them at wizer-ctf.com, no account needed.
But wait, There's More (Or Will Be Soon)!
- XSS Mitigation
- SQL Injection Mitigation
- Server-Side Template Injection
- And More!
These videos aren't part of the standard Boost library because along with these unique, developer-focused trainings you'll also get a private leaderboard unique to just your team to encourage developers to expand their skillset and enjoy some friendly competition.
It's not live yet, but if you'd like to learn more about getting early access, contact us or sign up for our newsletter to be the first to know when it launches!
Ready To Learn to #CodeWizer?
