CCDC and similar competitions

Introduction to Red Team / Blue Team Competitions

Applied Cyber organizes student teams interested in practicing offensive (red team) and defensive (blue team) skills. The competition group creates its own lab environment of virtual machines for training. In this environment, students can practice a wide variety of skills that are not usually presented in classes.

The competition team has competed as a blue team in the Western Regional Collegiate Cyber Defense Competition for two seasons and took 2nd place in the 2017 Regionals. The team has also competed as a red team in the Collegiate Penetration Testing Competition and took 1st place in the 2017 Nationals.


Collegiate Cyber Defense Competition (CCDC) 

Stanford CCDC GitHub:

The National Collegiate Cyber Defense Competition is a blue team competition that gives students insight into what real-world attacks are like and how to defend against them. In CCDC, each team of eight must defend a company network against attacks from a professional red team and maintain the availability of services such as a web site, mail server, and DNS.

Each team is given the same initial configuration, which typically includes an even mix of Linux and Windows machines. In addition to securing the initial network, competitors complete tasks such as setting up new services, performing vulnerability assessment, or providing documentation of company security policies.

Who can participate?

The Invitational events are open to anyone, and there is no limit on the number of people who can compete. The Invitationals take place in a virtualized environment, and we compete from the Stanford campus.

For all other events, up to 8 team members from the school roster may compete. The team roster can have up to 12 members and at most two of these can be graduate students.


Collegiate Penetration Testing Competition (CPTC) 

The Collegiate Penetration Testing Competition is a red team competition that simulates a professional penetration test. Students act as security engineers tasked with identifying, exploiting, and reporting vulnerabilities in a fictional company infrastructure. The competition emphasizes not only technical prowess and familiarity with a variety of industry tools, but also the ability to communicate risk and promote plans of action to both corporate leadership and fellow engineers.

The competition runs for over 24 hours: teams infiltrate targets throughout the first day, then build their technical reports and presentations overnight to present the next morning. Each team of six is given access to the same configuration, which involves a mix of Windows and Linux hosts, cloud and physical machines. Professional conduct is paramount, and judges dock points accordingly for unprofessional actions, such as going out of scope or interrupting normal business traffic.