Our time to shine: ExpressVPN at cybersecurity competitions

ExpressVPN news
6 mins

Capture the Flag competitions (or CTFs for short) are the exhilarating battlegrounds where talented cybersecurity experts and hackers come together to solve complex technical puzzles and real-world security incidents. These intense competitions aren’t just about showcasing skills but also fostering team bonding and learning. 

ExpressVPN’s Security Team has consistently shone on the global cybersec stage, recently achieving an impressive 20th-place finish out of 982 teams in the highly competitive HTB Business CTF 2023. 

Join us as we delve into the team’s journey and accomplishments in the world of CTFs. Discover how these achievements not only reaffirm the reputation of our cybersecurity talent but also display our commitment to security.

Read more: Cybersecurity introduction: Everything you need to know

What are CTFs and how do they work?

CTF competitions are events where individuals or teams compete to solve challenges, usually cybersecurity-focused ones simulating vulnerabilities and real-life scenarios, allowing participants to test their skills in ethical hacking, forensics, reverse engineering, and more. Teams must analyze code, exploit system weaknesses, and uncover hidden information to earn points for each solved challenge. This process highlights the qualities valued in a cybersecurity expert: Determination, skill, and the ability to excel in high-pressure environments.

Read more: Interested in cybersecurity jobs? You’ll need these skills

For example, cybersecurity experts need a deep understanding of complex systems, coding proficiency, familiarity with network protocols, and a solid grasp of system architecture. CTF challenges allow ExpressVPN’s Security Team to display these attributes, demonstrating their competence in the field and commitment to maintaining a secure online environment.

ExpressVPN’s cybersecurity competition highlights

From securing podium finishes to outperforming global giants, we highlight the impressive achievements and triumphs of ExpressVPN’s Security Team in various prestigious competitions held from 2021 to 2023 (in reverse chronological order).

HTB Business CTF 2023 

Outcome: 20th out of 982 teams

The highly anticipated Hack the Box (HTB) Business Capture The Flag (CTF) event, sponsored by ExpressVPN and held from July 14 to 16, 2023, revolved around a futuristic scenario set in the year 2244. Earth faced a monumental crisis with depleted fossil fuels, scarce water, and limited power. As tensions escalated, two powerful states emerged, each striving to establish a colony on Mars and harness an alternative power source called Vitalium.

This year’s HTB Business CTF imagined a world low on resources, fighting over Mars and a new energy source called Vitalium

These scenarios involved forensics challenges, where teams needed to investigate simulated malicious activities executed by a rogue state. Additionally, participants engaged in reverse engineering software to manage Vitalium resources and launched attacks on cloud infrastructure to gather information on the Mars colony. They also identified and exploited various vulnerabilities such as web, binary, and server issues.

“Although these scenarios were simulated and designed to fit with the dystopian theme of the CTF, the skills required to solve the challenges were very real,” explains team member Brian. “These are the same skills the security team uses on a daily basis to keep ExpressVPN’s products and users safe.”

Among the 982 participating teams, including Microsoft, Puma, Accenture, and Toyota, ExpressVPN’s Security Team achieved an impressive 20th-place finish, further cementing their reputation as a formidable force in the world of digital defense. 

Splunk BOTS 2022

Outcome: 4th out of 84 teams 

In the highly competitive realm of Splunk Boss of the SOC (BOTS) 2022, our cybersecurity team once again showcased their prowess, securing a commendable fourth-place finish out of 84 highly skilled cyber defense teams from companies across the APAC region. 

The competition posed challenging scenarios, including investigating a supply chain compromise in the cloud, ransomware, malware, and other security threats. The team’s ability to excel in such a demanding environment earned them praise and recognition from peers and industry experts.

Hack the Box 2022

Outcome: 8th out of 650 teams

Hack the Box 2022 was a big event for ExpressVPN, as we not only entered a team but also sponsored the competition. Despite facing stiff competition from over 650 teams worldwide, the ExpressVPN Security Team displayed exemplary performance, securing a noteworthy 8th place. 

The competition focused on money-related security challenges, encompassing crypto laundering, phishing campaigns, wire fraud, malware, ransomware strains, and more. Team member Walter expressed his pride: “There was a great show of amazing teamwork. As we learn to collaborate with each other in this simulated environment, we can do better in the real world.”

MetaCTF 2021

Outcome: 3rd out of 623 teams

During the MetaCTF competition, our cybersecurity team secured a coveted third-place finish out of 623 teams of active professionals. The team successfully solved a total of 51 (out of 66) challenges and were among the few teams that managed to conquer challenges across all categories, which included forensics, web exploitation, and reverse engineering. 

The event also served as an invaluable opportunity for team bonding and learning, where players forged strong connections.

Splunk BOTS 2021

Outcome: 1st out of 34 teams

In the Splunk BOTS 2021 competition, ExpressVPN’s cybersecurity team emerged as the champions, outperforming government institutions, banks, and other cybersecurity companies from Singapore and beyond. Their victory demonstrated their unrivaled expertise in analyzing and responding to security threats across diverse platforms. 

Cherlynn, a member of the winning team, shared her aspiration, saying, “We want to compete in two to three competitions a year. This way, we can continue learning and exploring new fields to make our organization more secure whilst building trust within our company as a highly capable function.”

HTB Business CTF 2021

Outcome: 11th out of 374 teams

In the challenging arena of the HTB Business CTF 2021, our experts proved their mettle once again, securing a commendable 11th place out of 374 teams competing from all corners of the globe. 

3 reasons why CTFs are important for cybersecurity-focused companies

1. Enhanced skills through real-life scenario simulations

Joining a CTF competition enables ExpressVPN’s teams to build critical thinking skills, a crucial aspect in the field of cybersecurity, where “discovery” is 99% of the problem. These competitions also often simulate real-life scenarios that allow the teams to gain practical experience in a dynamic environment. For instance, they sift through significant volumes of data to better understand hacker activity, which enhances their ability to detect and respond to threats effectively. These insights help the team comprehend the sequences of events leading up to security incidents and an attacker’s objectives.

As one team member, Dave, explains, “A CTF lets people practice trial and error and discovery skills, as well as persistence and perseverance. Sometimes your gut just tells you something doesn’t smell right, and part of a security team’s job is to dig until we either find what smells or reasonably prove that it doesn’t. CTFs help us build those skills so we can use them in the real world.”

2. Exploring novel attack methods

Cybersecurity is a fast-changing world, in which adaptation is essential. CTFs offer the opportunity to explore different attack methods. Cherlynn explains, “At the end of the day, we receive hands-on experience in simulated environments that help us to prepare for dealing with real-life (cybersecurity) incidents. There are always new ways that hackers use to exploit systems, and continuous improvement is key to staying ahead of the curve and protecting our customers, partners, employees, and the organization as a whole.”

3. Fostering collaboration and fun

Lastly, CTFs are great for team building and networking (when done in person). And because they play a pivotal role in learning and skill development across various cybersecurity and engineering domains, we understand the importance of broadening participation beyond our security team. Individuals from our engineering departments actively engage in these competitions, leveraging their skills to effectively pinpoint and exploit vulnerabilities. We’ve also extended the invitation to join our CTF team to all members of the organization, embracing anyone keen on enhancing their cybersecurity skills and knowledge.

FAQ: About capture the flag competitions

What’s the difference between a hackathon and CTF?
How to prepare for a CTF competition?
How to participate in a CTF or hackathon?
Phone protected by ExpressVPN.
Protect your online privacy and security

30-day money-back guarantee

A phone with a padlock.
We take your privacy seriously. Try ExpressVPN risk-free.
What is a VPN?
I like hashtags because they look like waffles, my puns intended, and watching videos of unusual animal friendships. Not necessarily in that order.