The support that people will provide even when the CTF is on , is really great !! kudos for the tiresome efforts , keeo up the good work!!
First of all, the case is great. The TTPs are realistic, challenging and it makes fun to solve it. I also learned something new along the process. So totally worth the price.
However, some questions were vague and it is not clear what is the right answer. It's hard to find the balance and not give away too much information or the solution. But it should not be necessary to try different solutions and then only have 5 tries. Further, some logs that are usually there were not present. But this can happen on real cases too..
Completed my first CTF after a long time reader of The DFIR Report, super fun and everything runs smoothly. Definitely one of the best platforms to learn hands on with real world data and investigations. I learned so much and already eager for the next CTF!
This was my first truly realistic CTF, where I had the opportunity to work through an actual intrusion scenario. Looking back, I’m not sure why it took me so long to attend one of these, but I’m definitely glad I finally did.
The experience was both challenging and rewarding—I learned a lot and had a great time doing so. There were plenty of takeaways, from refining my investigative process to reinforcing key DFIR skills. It took me a while to get going, only because I had to re-familiarize myself with ELK. I think once I get a grasp on ELK, the time cap wont be much of a problem, and I will leave that to the real problems. I will also point out that the performance of the SIEM was top notch. There was no lag, or waiting for queries to load etc. I entered what I needed to and off went my search. I have worked in other simulated environments where it took minutes to do a simple task.
I’m definitely looking forward to attending many more of these in the future. It’s great to see high-quality CTFs that mirror real-world incidents, and I’m happy to support in any way possible. If you’re in the DFIR space, I highly recommend just signing up!
Absolutely recommended for anyone who in Cybersecurity field and also trying to "get in", This CTF give you a real case (at least ALL TTPs are from the real cases) which you can practice and learn about something new by doing it ! and do not worry about "what if i could not do it"
There are different difficulty ranging from Easy to Hard so at least you could go for EASY and leverage hint the DFIR Labs provides (you will lose point if you click for hint) to solve harder question and ultimately solve the case! since learning is our ultimate go so don't hesitate ! Join us on next CTF!
