Facebook announced this week that it will open-source its Capture the Flag (CTF) platform to help teach students and developers how to hack — and how to guard against online security threats.
CTF competitions are a common occurrence in the cyber security industry. These simulations are used to teach security professionals how to deal with common hacking attacks. Some of these exercises put the participants in the role of the hacker to teach them how security breaches work from the other side.
“It’s a lot of fun to learn this offensive side of security, but at the same time learning about these flaws makes you a better defender, as well,” said Gulshan Singh, a software engineer on Facebook’s threat infrastructure team. “Although news reports about security bugs are now commonplace, it’s not always obvious how people find these flaws and how you can develop the skills needed to find and protect against malicious exploits. CTFs provide a safe and legal way to try your hand at hacking challenges.”
Facebook’s open-sourcing of its CTF platform means that any classroom or conference around the world can use it for free. It’s an altruistic gesture, but it is also in Facebook’s best interest; the more trained cyber security experts there are in the world, the safer Facebook’s future will be.