Export or edit this event...

OWASP PDX - Thunder CTF: Learning Cloud Security on a Dime with Wu-chang Feng P1

Description

Abstract: Organizations have rapidly shifted infrastructure and applications over to public cloud computing services such as AWS, Google Cloud Platform, and Azure. Unfortunately, such services have security models that are substantially different and more complex than traditional enterprise security models. As a result, misconfiguration errors in cloud deployments have led to dozens of well-publicized breaches. This paper describes Thunder CTF, a scaffolded, scenario-based CTF for helping students learn about and practice cloud security skills. Thunder CTF is easily deployed at minimal cost and is highly extensible to allow for crowd-sourced development of new levels as security issues evolve in the cloud.

Joint work with Nicholas Springer.

Bio: Wu-chang Feng is a professor in the Department of Computer Science at Portland State University where he works on topics in cloud computing and security. His current projects include developing CTFs and codelabs to teach advanced topics in security as well as performing outreach to high-schools via camps and internships through CyberPDX and Saturday Academy.

RSVP: https://www.meetup.com/OWASP-Portland-Chapter/events/276208151/

Share