• Donald Ashdown

SANS 2019 Holiday Hack Challenge

Sans 2019 holiday hack challenge also known as KringleCon is an annual info sec conference that covers emerging cyber trends, and offers an opportunity to train your security skills, and bring the info sec community together.
















If you have never participated in the holiday hack challenge, you are in for a real treat. In case you do not already know, this challenge is designed by the SANS security team. The SANS Institute is a private U.S. for-profit company founded in 1989 that specializes in information security, cyber security training and selling certificates. Topics available for training include cyber and network defenses, penetration testing, incident response, digital forensics, and audits. SANS works closely in training members of the US air force.


The holiday hack challenge is presented in a game environment that helps facilitate a fun and engaging learning experience, accompanied with music and regular talks from world class speakers.

Initially when you start in the holiday hack challenge you will spend some time walking around and exploring the gameworld before you start getting tasked with assisting Santa in ultimately saving christmas in one form or another.


Why KringleCon


One of the reasons that I am so passionate about SANS Kringlecon is the amazing environment that fosters learning based off real world scenarios, while delivering holiday cheer through christmas themed music and of course the christmas themed storyline and world.

It is the one time a year, I feel like I can learn about cyber security without reviewing nothing but dry technical documents that never seem to end, and offer little in the way of application or real world application and context.


Every year the holiday hack challenge will focus on a different story line, while serving up around 20 challenges, to teach you something in all areas of info sec. To help pace you along SANS has incorporated certain talks by selected speakers to either have a hint, or some good ideas to assist you with particular challenges along the way, forcing the players to listen and learn from those speakers.


KringleCon is designed for everyone, but only a few will finish. The challenges initially start off very simple, so everyone can be engaged. However, as you progress through the story the challenges will start to demand high competencies such as reverse engineering or binary exploitation. The idea here, is that there will be obstacles and challenges for all skill levels. For example last year, I progress well early and mid game, but started to run into obstacles late game, when playesr had to reverse engineer the malware that had hit santas workshop. This is where I found myself spending a large amount of time, researching and learning about malware analyses.

10 views0 comments