BlackBerry Incident Response (IR) teams placed both first and third in the OpenSOC Network Defense Range (NDR) competition at DEF CON 29.

OpenSOC is a digital forensics, incident response (DFIR), and threat-hunting challenge that highlights practical IR skills in an environment that emulates real-world situations. The security professionals’ IR skills are then progressively challenged with realistic attacks that increase in difficulty as the competition continues.

This blue team defensive competition is a valuable way to train, collaborate, and challenge participants of all skill levels. Since it is set in a fully functional replication of an enterprise environment, it provides exposure to wide range of challenges and applications, such as Microsoft® Active Directory®, Microsoft® Exchange, distributed networks, various sensors, log aggregation, end-user simulation and more.

BlackBerry greatly appreciates OpenSOC, DEF CON, and the other 249 participants for contributing to such a fun and challenging event. Everyone involved had a great time sharpening their skills and advancing their training for real-world scenarios. We look forward to future competitions and increased participation, since these events are an excellent investment in our people as well as a great way to give back to the security community.

Congratulations to the BlackBerry Incident Response Teams, and especially those who represented us in the competition:

The complete list of winners with stats was shared in the OpenSOC DEF CON 29 blog .

About the BlackBerry Security Services Team

The BlackBerry® Security Services team performs a wide variety of Digital Forensic/Incident Response (DFIR) services for clients. Leveraging a world-class forensic laboratory, the IR team is ready to quickly secure the chain of evidence and process data and devices.

Learn more about how the BlackBerry IR team helps customers resolve cyber incidents.

About Tony Lee

Vice President of Global Services Technical Operations, BlackBerry.

Tony Lee, Vice President of BlackBerry Global Services Technical Operations, has more than fifteen years of professional research and consulting experience pursuing his passion in all areas of information security.
As an avid educator, Tony has instructed thousands of students at many venues worldwide, including government, universities, corporations, and conferences such as Black Hat. He takes every opportunity to share knowledge as a contributing author to Hacking Exposed 7 , and is also a frequent blogger, researcher, and author of white papers on topics ranging from Citrix Security, the China Chopper Web shell, and Cisco's SYNFul Knock router implant.
Over the years, he has contributed many tools to the security community such as UnBup, Forensic Investigator Splunk app, and CyBot, the extensible Threat Intelligence Bot framework designed for anyone from a home user to a SOC analyst.