Two Major CTFs Set for March
Two upcoming Capture The Flag events offer hands-on practice: SAIT's "Hack the Planet" runs March 20-21 with corporate-style challenges, while the beginner-friendly picoCTF-Africa is open globally from March 9-19. OWASP Ranchi is also holding a workshop on March 7 focused on the OWASP Top 10.
The SAIT "Hack the Planet" event is a two-day competition with the first day held online and the second in person at SAIT's downtown Calgary campus. This event is open not only to SAIT students but also to students from other post-secondary institutions, high school students, alumni, and industry professionals. Participants are required to bring their own laptops equipped with a Linux virtual machine, with Parrot or Kali Linux being the recommended distributions. While picoCTF focuses on a beginner-friendly, story-driven experience to introduce core cybersecurity concepts, SAIT's event appears to be a Jeopardy-style competition. A previous SAIT cybersecurity CTF featured categories such as "Trojan Territory," "Cyber Frontlines," "Human Exploits," and "Tech Lore & History," suggesting a broad range of challenges. This format allows participants to choose challenges from various categories and difficulty levels, similar to the structure of many professional and academic CTFs. The picoCTF, developed by Carnegie Mellon University, is designed as an accessible entry point into cybersecurity, often with a narrative to engage players. Its challenges typically cover foundational areas like web exploitation, cryptography, reverse engineering, and forensics. The platform also offers a non-competitive practice space called picoGym, which contains challenges from past competitions, allowing for year-round skill-building. Participation in CTFs like these is highly valued in the cybersecurity industry as it demonstrates hands-on skills and a passion for the field that goes beyond academic coursework. For aspiring penetration testers, CTF experience is particularly relevant as it hones the practical problem-solving and technical abilities needed for certifications like the Offensive Security Certified Professional (OSCP). The challenges often mirror real-world vulnerabilities and require the use of tools and methodologies common in penetration testing. The OWASP Ranchi workshop provides another crucial learning opportunity, focusing on the OWASP Top 10, which is a standard awareness document for developers and web application security. Understanding these critical security risks, such as broken access control, injection flaws, and cryptographic failures, is fundamental for any penetration tester. A penetration test will often involve specifically looking for these vulnerabilities.
