Key Rules
- As a Blue team participant, you are not allowed to perform any offensive measures towards other Blue team participants, the Red team, the Green team, or the competition network. Doing so will disqualify you from the competition.
- Each Blue team member will have access to their AWS environment beginning no later than October 21, 2022. The White team operates the administrative accounts on AWS. White team administrative accounts will not be used maliciously and are only there to ensure proper scoring and enforcement of rules.
- Security documentation is due no later than NOON PST on Monday, October 31, 2022. Teams will upload a PDF of their security document and a separate PDF of their network diagram to the scoreboard. Late submissions will be accepted until Wednesday, November 2, 2022 at NOON PST to the Scoreboard. Late submissions will lose 25% of the earned score. Please refer to the Scoring Breakdown for more information. Please ensure your documentation follows the format: <3digit team number>_SecDoc.pdf/.doc (e.g., 000_SecDoc.doc, 987_SecDoc.pdf).
- C-Suite Panel submission video is due no later than NOON PST on Monday, October 31, 2022. Teams will submit the link to their C-Suite Panel video in a text file (.txt) to the scoreboard. Late submissions will be accepted until Wednesday, November 2, 2022 at NOON PST to the Scoreboard. Late submissions will lose 25% of the earned score. Please refer to the Scoring Breakdown for more information. Please ensure your video follows the format: <3digit team number>_CSuite.txt (e.g., 000_CSuite.txt, 987_CSuite.txt).
- Secure pre-existing required services on provided Traditional VMs as outlined in the Blue team AWS PDF. You are NOT allowed to touch the assume breach VMs.
- The provided required services MUST be the services used for scoring purposes in the scoreboard.
- Keep the provided name of your inherited virtual machines in AWS. If restoring VMs from a snapshot or redeploying an image, ensure the VM is renamed to the original name and the private IP address does not change.
- These rules ensure that each team participates under the same circumstances and thus has an equal opportunity to succeed. Depending on the offense, failure to comply with the rules of the competition may result in penalty points or disqualification. Egregious offenses may result in disqualification from the competition. If you see a breach of competition rules, please notify the competition staff immediately.
- Communications with White team members are confidential.
The Do’s
- Secure existing required services on the provided traditional VMs as outlined in the Blue team AWS PDF and the Red team scoring rules.
- Participants are only allowed to use freely available or free trials of software*. Paid software and paid images are prohibited from use. *No inherent AWS security software may be utilized.
- Keep your services online, on their standard ports, for the duration of the competition.
- You can harden/modify the Windows Server 2022 and Debian 10 VMs.
- You can create 1 additional VM to add to your existing provided infrastructure (must be 10.0.x.9).
- You can only utilize the three available AMIs provided within your account.
- You can create EC2 VM Snapshots.
- Create and deploy innovative defense strategies within the constraints of other rules.
- The “mre” user on the Traditional Infrastructure must maintain SSH access and root privilege.
- Submit Security Documentation by Monday, October 31, 2022 by NOON PST to the scoreboard.
- Submit your C-Suite Panel video link in a text file (.txt) by Monday, October 31, 2022 by NOON PST to the scoreboard.
The Do not’s
- Do not create more than 6 total virtual machines (VMs) in your environment (including all 5 of the VMs provided). White team will delete the last machine(s) created if more than 6 machines are running in your environment at any given time.
- Do not delete the provided machines. Services can be moved and configured on the traditional infrastructure.
- Do not edit, alter, or touch the assume breach VMs: Windows Server 2016, Ubuntu 18.04, and CentOS 7.
- Do not create more than 1 additional VM to complete tasking.
- Do not block ports on your Assume Breach infrastructure.
- Do not brand your website, documentation, video, etc. with any university information.
- Do not change the IP addresses of the provided VMs.
- Do not change the name of your provided machines in AWS. If restoring from a snapshot or redeploying an image, ensure it is renamed to the original name.
- Do not perform offensive actions toward any other Blue teams, the Red team, or AWS.
- Any attempts to hack, alter, or compromise the scoreboard will result in disqualification.