SOC X was the Professional SOC Team World Championships. It brought together the best SOC and IR Teams in the world to compete on what counts: the detection, investigation, and remediation of hyper-realistic APT level attacks on a live-fire enterprise network.

SOC X was unique among “blue team competitions.” It was the world’s premier security operations competition because it was a pure test of a team’s actual response capabilities. It was not a game. There were no puzzles or trivia quizzes or multiple choice questions. It did not promote a vendor’s commercial tool. It was a live enterprise network, a full suite of digital forensics & incident response tools, and authentic APT attacks.

The purpose of SOC X was to give the best professional SOC and IR teams in the world an opportunity to test their skills and see how they stacked up. More broadly, it was intended to inspire all security operations teams to build their capabilities by demonstrating the art of the possible.

Professional SOC and IR teams of up to 5 people.

Only one team per organization could compete. This allowed as many organizations as possible to compete and prevents collusion between multiple teams from the same organization.

Recon Infosec, the team that brought you OpenSOC and the Network Defense Range.

No. The purpose of OpenSOC is to support open source projects and give back to the community. It is designed to encourage people new to security operations to try it out and intermediate and advanced analysts to practice their skills. OpenSOC has a mix of beginner, intermediate, and advanced challenges. It is always free. It is run multiple times throughout the year at events such as DEFCON and BSides.

SOC X was designed to test the best security operations teams on the planet. It was focused on professional teams, and consists only of expert scenarios.

No. SOC X was the Professional SOC Team World Championships and was run on the Recon Network Defense Range (NDR) . NDR is the platform which includes a live enterprise network, a complete set of digital forensics and incident response tools, and hyper-realistic live attacks. The Recon Network Defense Range also enables public and private security operations training courses, the Recon Threat Hunter Academy, Black Hat Trainings, and OpenSOC.

Review the SOC X Rules, make sure you are familiar with the SOC X digital forensic and incident response tools (See prior FAQ "What tools will I be using"), plan your team strategy, and be ready to roll on March 4th.