Today, we’re proud to announce the launch of a first-of-its-kind challenge to enable Incident Response professionals to test their skills against a selected set of forensic challenges that were built by top researchers and analysts. The challenge is available on and is open to anyone who is willing to test his or hers investigation skills, between April 21st and May 15th. The first-place winner of the challenge will win a $5000 USD prize.

The Cynet 360 platform has long been the platform of choice for multiple IR professionals who found that its seamless deployment and 360 visibility into endpoints, users, and network can optimize and accelerate the response process, enabling analysts to move rapidly from initial investigation to clear insight into the attack’s root cause, progress, and scope.

Across our multiple interactions with incident responders we’ve come to realize that while Capture the Flag (CTF) challenges to test one’s hacking capabilities are quite common, Capture the Evidence challenges that test the ability to investigate and distill insights from extracted files and memory images practically don’t exist – so we set out to create one ourselves!

To do that, we’ve asked our internal IR experts to distill from the actual investigations they’ve conducted the scenarios that most strained their creativity and analysis capabilities. In the course of the process, we have viewed dozens of different challenges that proved once again that forensic investigation can indeed be regarded as both science and art.

The resulting Incident Response Challenge includes 25 challenges in increasing difficulty levels, that were chosen based on the degree to which they would force the participant to move away from his/hers comfort zone to seek innovative and unexpected investigation patterns.



These are The Incident Response Challenge terms and conditions:

  • Sign up as a participant in the The Incident Response Challenge website
  • Start solving the challenges – each challenge comprises a story, question, and files to download and examine in order to answer it.
  • Time matters! The Scoring algorithm calculates a score based on the number of correct answers and the time it took to solve each question (time starts counting from the moment the files are downloaded).
  • The score is made known to the participant after completing all 25 challenges.
  • You are limited to one entry. Anyone who enters more than once, will be disqualified.
  • The winner will be announced 72 hours after the competition closes on May 15th .

Are you a hands-on forensic researcher, SOC analyst, or malware analyzer? Go to , get your hands dirty and beat you peers to get the first prize!