2022 The State of Attack Surface Management

April 27, 2022

NCCDC: Training the Next Generation of Defenders

By: Randori Team

Share on facebook
Share on twitter
Share on linkedin

The 2022 NCCDC season has come to an end. As a founding member of the NCCDC Red Team, Randori’s Director of Offense, Evan Anderson, has been volunteering at this event since its second year. During the competition, his role is to play the bad actor. The goal is to give the competing teams a realistic depiction of what they will be facing when defending against adversaries in the real world.

What is NCCDC? 

The National Collegiate Cyber Defense Competition (NCCDC) is a business-oriented cyber defense competition for college students designed to provide a realistic opportunity to understand the challenges and trade-offs that real information security professionals face. Focused on the management and protection of commercial networks and infrastructure, student teams spend a weekend making decisions on how best to defend their networks against emerging threats while balancing the constraints and goals of a real business.  

How is NCCDC structured?

NCCDC is organized to provide teams with a realistic experience. The top 10 student “blue” teams in the country compete to defend their networks better than their peers. Fighting against them is a real red team, staffed by leading offensive security experts including our own Evan Anderson. The competing teams, or blue teams, earn points based on service uptime, completing business objectives and successfully remediating any compromised systems.

The red team can cost the blue team points by disrupting services and stealing sensitive information. They accomplish this by enumerating networks, compromising vulnerable systems, persisting access to those systems, pilfering “customer” data, and causing outages in the targeted networks by any means necessary. At the end of the weekend, the team with the most points wins. 

What Do Students Gain from NCCDC?

NCCDC provides students a unique opportunity to experience what it is like as a defender to work against an active adversary with clear motivations and an incentive to move quickly. Unlike other CTFs or simulations, NCCDC provides student teams a realistic environment to experience what it is like to be on a real blue team – stressing not only the technological challenges but the hard business decisions that must be made.  This isn’t  a “pentest” — finding vulnerabilities just for the sake of finding them — it’s a real battle. The red team is there to gain access to the target networks, steal information and cause network outages, just like real adversaries. This makes NCCDC unique, competing teams get to experience active incidents with live attackers, an opportunity rarely afforded in the real world.

What do Red Teamers Gain from NCCDC? 

This type of scenario is great practice for red teamers as well. It is very rare that a Red team gets to unleash all their masterful plans – we all have bosses, budgets and timelines too. Working to help corporations secure their most valuable infrastructure comes with a specific set of responsibilities. It is very rare that an offensive operator (working legally) is allowed to go “gloves off” and test the more destructive or malicious capabilities in their tool chest. NCCDC provides an opportunity for some of the world’s best offensive security experts to come together, push their craft and do so while helping train the next generation of great defenders. 

What Set UCF Apart This Year? (And Last)

Congratulations to University of Central Florida (@HackUCF) for taking home back to back wins of this award. UCF sets itself apart from the crowd with a matching uniform of royal blue polos tucked into khakis, as well as a particularly rigorous practice schedule. “It’s been busy since we [sat] down,” said Team Captain Aiden Durand. “However, we are used to it, because we intentionally create tension and chaos during mock competitions in practice. It’s good for team building.” 

This is a direct example of the benefits of red team exercises in the real world. Scrimmaging in a chaotic environment and stress-testing a security system can lead to cooler heads and better results on game day.

Get Involved

For more information on how to get involved with the CCDC competition to help foster the next generation of defenders, visit their registration page here.

Gain an Attacker's Perspective

Uncover your true attack surface with the only ASM platform built by attackers. Stay one step ahead of cyber-criminals, hacktivists and nation-state attackers, by seeing your perimeter as they see it.