Can you explain how this particular CTF work and how the system in general work against adversary? The article said insecure code and code filled with bugs are constantly being fed to the system. I don't really get it.
I hope someone more knowledgeable can chime in, but AFAIU, each player acts as the manager of a certain set of services, and as an attacker against all the others.
Such services contain bugs, so what each player must do is identify the bugs, fix them or mitigate them, and at the same time exploit them to gain access to the boxes of the other players.
So basically the programs in the competition do
* vulnerability identification
* vulnerability mitigation
* identification of the best target to attack (presumably based on the first thing, not sure if other things factor in)
Such services contain bugs, so what each player must do is identify the bugs, fix them or mitigate them, and at the same time exploit them to gain access to the boxes of the other players.
So basically the programs in the competition do
* vulnerability identification
* vulnerability mitigation
* identification of the best target to attack (presumably based on the first thing, not sure if other things factor in)