united kingdom

(ISC)2 Command and Control Qualifier

Securing Software – Have you got the Right Instincts?

Type: Single player, open book

Player count: 250

This game will be played: Saturday 6th to Sunday 28th October 2012

Registration is now closed.

Description:

Have you got what it takes to develop systems for a connected world? Opportunities abound for talented system developers with the ability to help companies innovate across the proliferating online, cloud-based, and mobile communications platforms. But it is those with the ability to open up these opportunities securely that will rise to the top.

This is an opportunity to show off your instincts, not merely your technical skill, for a developing area that business and government organisations increasingly value: secure software development. You will be given scenarios, a series of questions and three weeks to mimic the processes of a secure development lifecycle and then demonstrate your security knowledge with the creation of sample code.  The objective is to prove you have the skills to go on to the next stage: a face-to-face team competition led by QinetiQ where you will be tasked with shoring up and controlling sensitive defence systems that react to the slightest sign of trespass.

Candidates need to be aware of,  or willing to research, using the Internet and other resources, current thinking in secure software lifecycle management and will be asked to demonstrate their ability,  by anticipating attack, mitigating vulnerability and assimilating a baseline of information security process into their approach.   You don’t need to be an expert in a particular programming language, but you will need to understand the fundamentals of programming in c, c++, objective c and java.

Entry:  This challenge is open to individuals over the age of 16 with an interest in the topic area. It is designed for individuals working or developing a career in software development, that seek to add to their competency base with security skills. It is not open to people actively working in cyber security today, or with recognised credentials in secure software development such as the CSSLP. 

Scoring: The scoring will be focussed on a demonstrated understanding of security concepts, rather than the ability to code. The key to success will be in the planning, creative application of security concepts and a demonstrated ability to dive deep into a topic area, without having a lot of background information, to report problems and potential fixes.  Judges will be working with a scoring system that reflects the difficulty of individual tasks.   

Winners will be invited to attend the QinetiQ face to face challenge which will be held on Saturday 9th of February 2013. Winners from this event will then be invited to attend our Masterclass and Awards weekend to be held on the weekend of the 9th and 10th of March 2013.