Trophy for team from ETAS’ Bosch Cyber Security Defense Center

(f.l.t.r.) Winning team: Dennis Mohn from the company Magellan Netzwerke and Nnenna Ann Nweke, Lucas Asmus, and Stefan Föhrdes from BCDC (ETAS)

Three members of the Bosch Cyber Security Defense Center (BCDC) at ETAS win cyber security competition “Boss of the SOC” in Munich.

After the “Inglorious Bees” did so well at “Capture the Flag”, now another ETAS cyber security team has scored the highest points at an important competition. A team from ETAS’ Bosch Cyber Security Defense Center (BCDC) has won the "Boss of the Security Operations Center (SOC)" - short BOTS - competition. The event, organized by the value-added IT distributor Arrow ECS, took place on January 18 at the Le Meridien hotel in Munich. Stefan Foehrdes, Nnenna Ann Nweke and Lucas Asmus from BCDC and Dennis Mohn from the company Magellan Netzwerke, which supports ETAS with the Splunk data analytics system, demonstrated their skills along with nine other teams. Their team name was “Bub3DameK03nigA55.”

“Winning this tough competition again underlines our outstanding expertise in preventing and resolving cyber attacks,” says Uwe Müller, head of the Application Field Cyber Security Solutions.

BOTS – a sophisticated Splunk-based capture-the-flag activity

BOTS is a blue-team capture-the-flag activity where participants use Splunk – and other sources such as open source intelligence – to answer a variety of questions related to security incidents that have occurred in a realistic but fictitious enterprise environment. It's designed to emulate how real security incidents look in Splunk and the type of questions analysts will need to answer.

32 questions ranging from easy to hard

The competition requires broad security know-how – and perseverance: It started at 11 am and ended at 5 pm. In the first hour, each team set up its environment. Then there were four hours of searches in Splunk and open source intelligence platforms such as Threatminer. 32 questions had to be answered separated into two “incidents,” meaning scenarios. The first scenario was a website defacing, the second one a malicious flash drive that was connected to an endpoint. After the four hours of investigation, there was a debriefing where everyone got together and talked about open questions and the approaches they would choose. The questions were separated into several difficulties, ranging from easy (worth 50 points) to hard (worth 1,000 points). The ETAS team proved that they had no problems with any of the questions and scored the most points.

“I’m proud of the winning team and its achievements. This encourages us to take part in further competitions, accept the challenges and put our skills to the test,” says BCDC Head Jürgen Heidenwag.

Next BOTS event in March

In March another BOTS event will take place with new scenarios and questions. By then, enterprise security will also be available so that the participants can investigate the incidents in depth with the help of dashboards and reports. The “Bub3DameK03nigA55” team will hopefully be able to defend its title. Good luck!

About BCDC

The Bosch Cyber Security Defense Center (BCDC) is becoming part of ETAS’ new Application Field (AF) Cyber Security Solutions on March 1, 2018. The new AF will be one of the leading organizations for IoT security within the Bosch Group. The BCDC in cooperation with other AF teams and ETAS’ subsidiary ESCRYPT effectively combines the methods of prevention, detection, and response to detect cyber attacks at an early stage and successfully combat them. In addition to preventive security measures, the BCDC specifically identifies critical behavior patterns and events that indicate a cyber attack and then initiates countermeasures straight away. It responds in this way to the rapidly increasing attacks on large companies and their value-added chains by offering a holistic approach to solutions.