Skip to content




GrrCON NGFW Capture the Flag Mission


The Operation: Capture the Flag

Your Mission: Race to ensure that your network is healthy and safe from cyber attacks. Hunt down and stop stealthy attacks quickly. Learn how you can prevent up to 95% of threats in real-time with inline zero-day protection.

Your Weapon: The Palo Alto Networks ML-Powered Next-Generation Firewall (NGFW)

Your Objectives: Explore the Palo Alto Networks NGFW and PAN-OS to see how they enable best-in-class security with a consistent management experience to protect your organization from the latest threats.

What You’ll Learn:
– How to protect an organization from internal and external threats
– Identify attacks, malware, and other malicious activities, and block them
– Gain application control, intrusion prevention, and advance visibility across the entire attack surface

The Ideal Candidate: No experience is required. We’re looking for security enthusiasts willing to shut down threats and compete for glory. All network security pros, security enthusiasts and threat hunters are invited to play and get firsthand experience with the Palo Alto Networks ML-Powered NGFW.

Prizes will also be awarded for the top performers:

• 1st Place – $100 Gift Card
• 2nd Place – $50 Gift Card
• 3rd Place – $25 Gift Card

* Only attendees will receive the gift card.


Thursday Oct 13th 3-5pm

Register here



Cyber Defense Clinic


Description: Cyber Defense Clinic Lab is a training platform, based on Cisco Security Integrated Threat Defense (ITD) architecture and solutions. Experience lifelike cyber security attacks in a virtualized enterprise lab environment where you play the roles of attacker and defender!
Perform scenarios in an environment that models many enterprise networks with Cisco and non-Cisco tools and learn how your own environments get compromised, how security breaches get detected, and how to respond with maximum effectiveness.

Pre-reqs and requirements:

• Attendees will need a laptop or tablet running Chrome or Safari.
Connectivity and Setup (Required)
• A Cisco Online ID (CCO ID) is required to access the CDC Cloud training platform. If you don’t have one, please follow these instructions on how to create a CCO ID. Registration code required; to be emailed.



• Target Reconnaissance: Gathering Information about Vulnerabilities for a Future Attack
• Smash and Grab: Attacking Public Network Services Through the Front Door
• The Ransom Scenario
• Insider Threats: Move Within to Obtain and Export Your Data
• Compromised Hosts: Control Access and Monitoring for Malicious Threats
• Centralized Defense (Splunk and IBM QRadar)
• Automating and Response with SOAR
• Web Defense and Resource Sustainability Part 1 and 2
• Defend Identities and Password Compromise
• Email Exploitation
• End-to-End Exploitation – Advanced Attack Lab
• Monitor Threats and Performance with Tetration
• Cyber Defense Response Challenge: Incident Response


Friday Oct 14th
10am – 4pm



ThreatOps Challenge


Description: Join your fellow cybersecurity peers in a race focused on identifying attack vectors, TTPs, and IOCs. This competition will be facilitated by SentinelOne engineers on the SentinelOne Singularity platform. No SentinelOne experience required–an orientation will be provided to align your threat hunting skills and prepare you for the competition. Demonstrate your skills, resilience, and prowess as a true and effective Threat Hunter to earn fabulous prizes (and CPEs)! Bring your own laptop with a wifi connection to participate..

Pre-reqs and requirements:

• Attendees will need a laptop with Wi-Fi capabilities.


Thursday Oct 13th 1-4pm
Friday Oct 14th 10am-1pm