Select Language

Contact

Company

Service

Product

Media Center

Contact

Company

Service

Product

Media Center

Select Language

Contact

Company

Service

Product

Media Center

Go to Top

CTF Organizer Enki WhiteHat, About the Hacking Defense Contest Thumbnail

Security Insights

About the Hacking Defense Competition by CTF-Operating Company

EnkiWhiteHat

Sep 11, 2025

Content

CTF Status

Cyber threats are becoming increasingly sophisticated, and hacking incidents are occurring more frequently. To effectively counter these threats, it is crucial to systematically and effectively enhance security training and technical skills. One of the most representative methods is the hacking defense competition. Often considered a simple one-time event, hacking defense competitions are an excellent means to learn about vulnerability types often used in actual attacks, new cyber threats and attack techniques, continuously motivate learning, and further develop practical attack response capabilities.

In the past, concepts like 'hacking defense competition', 'war game', and 'CTF' were unfamiliar in Korea, but now the situation has changed significantly.

Notably, international cyber training APEX, involving cybersecurity experts from over 24 countries, the largest domestic cybersecurity competition CCE inclusive of civil, public, military sectors as well as students and youths, the internationally renowned hacking defense competition CODEGATE ongoing for 17 years, FIESTA which evaluates the incident response capabilities of financial industry information security officers, and ELECCON, a practical cyber attack defense training in the energy sector, are actively held, each specialized to different fields.

Now, universities, military, public institutions, financial institutions, local governments, and private companies run competitions tailored to their respective goals, and both scale and level are gradually increasing.

Hacking defense competitions play an important role in spreading cyber security culture through various effects such as raising security awareness, enhancing technical skills, motivating learning, and nurturing talent. This article examines the definition of hacking defense competitions and focuses on preparations and considerations needed for their operation.

What is a hacking defense competition (CTF)?

The hacking defense competition is a contest where participants test their ability to solve computer and information security problems in a legitimate environment. There are various types depending on the operation method and purpose, with the most well-known format being CTF (Capture The Flag), where participants solve given problems to obtain the correct answer string referred to as a 'flag'. The hacking defense competition is divided into various types depending on the operational purpose and the characteristics of the participants (adults, youth, professionals, etc.). Here are some representative types:

Types of Hacking Defense Competition Problems

Jeopardy Style
: Participants choose and solve the problems they want and submit the correct token (Flag). Through problems in individual technical units such as web hacking, reverse engineering, forensics, and cryptography, participants can learn a wide range of knowledge and verify their skills.
Attack & Defense Style
: Teams operate their own servers or services while simultaneously attacking opponents' systems. This requires comprehensive real-time response, strategic thinking, and collaboration as teams must simultaneously reinforce their vulnerabilities (patch) and target the vulnerabilities of the opposing system. This form is frequently adopted in parts of internationally renowned competitions (e.g., DEF CON CTF).
Scenario-Based Style
: This format involves resolving staged challenges based on a fictional incident situation or worldview. For instance, participants can experience a process similar to real-life situations involving penetration → privilege escalation → data theft → incident analysis. This offers significant training benefits as it allows participants to experience the entire process of responding to security incidents beyond solving unit technology problems.

The issues (contents) of the hacking defense competition are designed to enable participants to learn and verify a wide array of technologies that form the foundation of hacking and information security. In addition to essential technical areas such as web hacking, system hacking, reverse engineering, cryptography, malware analysis, and forensics, recent competitions have incorporated the latest technologies and security issues, including specific industrial sectors like industrial control systems (OT/ICS), transportation, maritime, aerospace, and AI security.

Why CTF Competitions Are Often Participated in Teams

When participants compete as a team, a strategy of dividing roles to utilize each person's expertise is frequently employed. For example, one person may handle reverse engineering, while another is responsible for web hacking to quickly solve problems, or multiple people may collaborate to brainstorm ideas and solve high-difficulty problems. This is significant as it allows participants to experience the teamwork and problem-solving processes necessary for real security organizations to respond to threats, beyond simply assessing an individual's skill level.

CTF Hacking Defense Procedures

To successfully operate a hacking defense competition, systematic preparation is required at each stage, from problem planning to post-management. Each process must be executed properly for the competition to be more than just an event and lead to participants' learning and skill enhancement. The basic operation process of NK White Hat can be utilized as follows.

Six Steps of Basic Operation Process

Problem Planning – Designing scenarios to match the competition's purpose and nature, establishing difficulty and scoring systems, reviewing problem drafts
Problem Creation – Development considering realism and reproducibility, preparing for automated scoring and cheating prevention
Problem Review (Multiple Reviews) – Checking quality, difficulty, and solution paths, eliminating potential operational issues including unintended solution methods
Pre-Check (Rehearsal) – Verifying homepage, problem servers, and flags, testing traffic and resource load, confirming score reflection, operating rehearsal
Main Competition Operation – Managing notification and inquiry response channels, monitoring and responding to cheating, checking solution data in real-time
Post-Management – Sharing problem explanations and solutions, collecting participant feedback, summarizing achievements and areas for improvement

Five Points to Enhance CTF Operation Completeness

The completeness of the competition is determined not only by the quality of problems but also by the overall operating experience. As small inconveniences accumulate, participant satisfaction quickly decreases, so the following elements should also be considered together.

Smooth Communication – Operating notification and Q&A channels on platforms like Discord and Slack, promptly handling issues with a ticket system
Participant Experience – The readability of the scoreboard, the intuitiveness of the problem page, and the speed of submission feedback determine the perceived quality of the competition
Realistic Scenario Design – Enhancing the competition's engagement with content that simulates real security incidents, strengthening practical response capabilities
Differentiated Difficulty Setting – Intentionally placing onboarding problems for beginners, intermediate hurdles, and killer problems that determine top rankings
Cheating Detection and Response – Monitoring and responding swiftly to cheating by analyzing solution patterns, submission timing, and environment logs

Why delegate CTF competitions to professional organizations for security?

Why It's Difficult to Run Hacking Defense Competitions

A well-crafted problem set and meticulously planned operations are key factors in determining the positive experience, immersion, and learning outcomes for participants. However, from the organizers' standpoint, hosting a high-level competition regularly and reliably is not easy. This is because the entire process—from recruiting participants, planning and developing content, adjusting difficulty levels, devising operational strategies, to measuring outcomes and promoting the event—is complex and requires substantial costs and specialized personnel. If managed poorly, there is a risk of not achieving the investment returns and simply leaving participants dissatisfied. For these reasons, many organizations opt to outsource competition operations to specialized agencies or limit them to once-a-year events.

NKeyWhiteHat CTF Operating Expertise

Over the years, NKeyWhiteHat has accumulated verified processes and know-how by operating major domestic hacking defense competitions such as CCE, CODEGATE, FIESTA, and the White Hat Contest, as well as cybersecurity competitions for government and local entities. Furthermore, by participating directly in world-renowned hacking defense competitions and cybersecurity training like DEF CON and Locked Shields, they have gained international experience, and continue to recruit talents who are former prize winners of such competitions to create content that combines expertise and creativity.

Based on the expertise gained through directly experiencing all processes from problem planning and creation to operation and post-management, they support not just simple events but establish continuous training systems and help build customized training centers and provide content to universities, the military, and public institutions. Through this, NKeyWhiteHat not only operates hacking defense competitions tailored to the goals of companies and institutions, but also assists organizations in continuously enhancing their security capabilities, nurturing talents, and improving external credibility through security training centers where education, training, and evaluation are organically connected.

Custom Security Training Platform, NKey WhiteHat CAMP

The benefits that practical education or hacking defense competitions bring to an organization are clear, but in reality, hosting them frequently is difficult. Enki Whitehat developed the CAMP platform based on its accumulated experience operating competitions and creating content. CAMP is not just a training platform or practice environment; it offers a comprehensive learning environment covering everything from theory and practice education to wargames and CTF operations. Through CAMP, practitioners can access a range of content from basic to advanced levels, acquire the latest security technologies, and experience repetitive real-world response training.

Main Features of CAMP

Currently, CAMP is operated focusing mainly on two functions.

Education: A curriculum-based theory and practice course enables step-by-step learning from beginner to advanced levels, allowing trainees to systematically internalize knowledge through repetitive training.
Wargame/CTF: Leveraging accumulated problems and scenario content to easily host organization-customized competitions. Participants experience problem-solving at actual competition levels to maintain practical sensing.

In addition, Enki Whitehat not only designs educational curricula and operates hacking defense competitions but also has experience in directly creating and managing cyber training content on an organizational and national scale. Based on this experience and expertise, CAMP plans to offer attack-defense training (offense-defense training) functions mimicking large-scale infrastructure. Through training, team-based response training close to real environments is possible, facilitating multidimensional and practical security capability enhancement.

Main Characteristics of CAMP

The main characteristics of CAMP are as follows:

Content Focused on Real-World Practice: Content design reflecting the experiences of white hackers verified through global competitions like DEF CON and Locked Shields and actual hacking cases, allowing for learning beyond mere technical problem-solving to understanding how vulnerabilities and attack techniques lead to actual incidents.
Scenario-Based Training: Beyond mere technical problem-solving, it enables step-by-step experience of the incident flow from attack occurrence -> analysis -> response.
LMS-Based Operation: It provides a web-based practice environment that requires no installation, supporting functions for trainee management like scoreboard, performance monitoring, Q&A, and surveys.

Through CAMP, companies can easily host hacking defense competitions, and internal members can continuously repeat the cycle of education → problem-solving → practical training within the organization. This goes beyond merely acquiring knowledge to systematically securing practical security capabilities from an attacker's perspective.

Enki Whitehat CAMP Application Case

In August 2025, Enki Whitehat provided a practical cyber education platform based on 'CAMP' to the newly established Department of Cybersecurity at Peru National University. This supports students to go beyond simple theoretical classes to real practice by offering overseas installation and operation support along with instructor training, contributing to the creation of a sustainable cybersecurity education ecosystem.

Provision of educational and practice content: Curriculum and problem content in 7 fields such as web, reverse engineering, forensics, etc.
Establishment and operation support of practice environments: Support for building and operating stable and repeatable practice environments
Instructor training and technical support: Transfer of technology to enable independent local education and operation

Thus, Enki Whitehat is providing the CAMP platform to allow private, government, and military security professionals and educational institutions to train in environments that simulate real situations anytime, anywhere. CAMP, aiming to build a sustainable security education and training ecosystem beyond one-off events, has already proven its value in domestic and international fields.

Moving forward, the offensive security specialist company Enki Whitehat will become a reliable partner, supporting the creation of a safer cyber space based on rich experience in offensive security diagnosis and hacking defense contest operations, helping clients' businesses grow without interruption.

EnkiWhiteHat

ENKI Whitehat

Offensive security experts delivering deeper security through an attacker's perspective.

2025 Comprehensive National Cybersecurity Strategy and Initiatives

Comprehensive Interdepartmental Information Protection Plan and Issues

Security Insights

2025 Comprehensive National Cybersecurity Strategy and Initiatives

Security Insights

2025 Comprehensive National Cybersecurity Strategy and Initiatives

Threat Intelligence

In-Depth Analysis of the APT Down - The North Korea Files leak

Threat Intelligence

In-Depth Analysis of the APT Down - The North Korea Files leak

Threat Intelligence

In-Depth Analysis of the APT Down - The North Korea Files leak

Security Insights