When BSides Ahmedabad invited us to run a live competition, we had a decision to make. We could set up a standard CTF - jeopardy-style challenges, point values, a scoreboard. Safe. Expected. Boring. Instead, we deployed a full WarZone and let 200 participants loose inside a simulated enterprise network. No flags. No hints. No guided paths. Just an environment, a set of objectives, and four hours on the clock.
The rules were straightforward. Teams of four were deployed into identical network segments. Each segment contained a simulated mid-size company's infrastructure: Active Directory domain, web applications, internal services, cloud integrations, and monitoring systems. The objective wasn't to find hidden flags - it was to achieve real-world goals: establish persistent access, exfiltrate a specific dataset, and avoid detection by the automated defensive systems we'd deployed.
Scoring was based on our Intelligence Engine. Rather than awarding points for individual exploits, we measured overall operational effectiveness: how teams coordinated, how they handled dead ends, how they prioritized targets, and whether their approach demonstrated strategic thinking or just technical brute force. Teams received a real-time "operational score" that updated as our behavioral analysis engine processed their actions.
The arena itself was set up in BSides' main hall. We projected an anonymized, real-time visualization of network activity across all segments. Attendees who weren't competing could watch the operation unfold - seeing lateral movement spread across subnets, watching defenders respond to intrusions, and following the ebb and flow of a live red team operation. Multiple attendees told us it was the first time they truly understood what a real engagement looks like.
Results were fascinating. The top three teams all demonstrated a common pattern: they spent significantly more time on reconnaissance than the average team. The winning team spent nearly 40 minutes - out of a four-hour window - just mapping the environment before executing their first exploit. Teams that rushed into exploitation consistently scored lower, even when they achieved individual technical milestones faster.
Rewards: the top team received lifetime Barracks Premium access and an invitation to our private Beta Brigade channel. Second and third place received annual Premium subscriptions. But the real reward - and we heard this repeatedly in post-event conversations - was the experience itself. Multiple participants said the WarGames event taught them more about real security operations in four hours than months of traditional training.
We're planning to bring WarGames to more BSides events throughout 2025. If you're an event organizer and want to host one, reach out. We'll bring the infrastructure, the intelligence engine, and the arena visualization. All you need is a room full of hackers who are ready to stop playing games and start operating.