See how Varonis Menace Labs created Breach on the Seashore, a novel Entra ID coaching expertise. Strengthen your cybersecurity expertise by hands-on studying with this CTF.
Cybersecurity is lots just like the ocean. Though the ambiance could appear calm on the floor, there could also be one thing unknown lurking beneath the floor.
Varonis Menace Labs researchers Doron Kapah and Mark Vaitsman know this actuality firsthand. Most of their days contain investigating how threats leak delicate information in cloud-native environments.
And realizing how AI advances identification administration and the way threats assault organizations, the 2 needed to create an Entra ID coaching expertise that might give different safety professionals a first-hand take a look at what a knowledge breach seems like on the entrance strains with Entra ID. Thus, “Bleach on the Seashore” was born.
Pixel, Varonis’ threat-detection cat, learns of the Entra ID breach whereas vacationing on the seashore and switches into investigator mode. Gamers will be capable of monitor the attacker’s footsteps by Pixel, uncover delicate information they’re after, and hopefully cease the assault earlier than it is too late.
Learn on to be taught extra in regards to the real-life incident that impressed Breach on the Seashore, how AI is advancing risk detection and rising the necessity for hands-on training, and full Breach on the Seashore and earn CPE credit.
Why Entra ID?
Entra ID is extra than simply an identification supplier. It’s the management airplane for your entire enterprise. Join customers, purposes, permissions, automation, and more and more AI-powered workflows. The rise of non-human identities, reminiscent of AI brokers, service principals, and automatic workflows, has modified what an Entra ID breach seems like.
“In right this moment’s AI period, many identities are non-human identities. A breach in Entra might permit risk actors to rework themselves into non-human identities, shortly turning into stealthy and scalable information exfiltration makes an attempt,” he says. mark weitzmanSafety analysis staff chief at Varonis.
The strategies woven all through Breach on the Seashore will not be hypothetical. These replicate examples that Doron and Mark have encountered first-hand in actual buyer environments, and every problem offers a lesson based mostly on what right this moment’s defenders are up towards.
“Non-human identities are quickly outpacing human identities, leading to a rising assault floor. Menace actors can acquire entry and increase whereas posing vital challenges to monitoring and detection,” Doron stated.
Doron additionally identified that organizations are caught between the strain to quickly deploy AI and the lack of their safety infrastructure to maintain up with AI, creating complexities that basically change protection approaches.
Whether or not you are on the crimson staff, blue staff, or want CPE credit score, that is your likelihood to be taught by doing.
Breach on the Seashore is free to play on-line: https://breachatthebeach.com
play bleach on the seashore
Sharing information by the lens of CTF
Realizing that right this moment’s defenders want to concentrate on the newest assaults in Entra ID, Delon and Mark needed to provide defenders a first-hand expertise of what fashionable assaults appear to be.
Breach on the Seashore made positive to show gamers:
- How threats exploit performance, not misconfigurations: Gamers aren’t searching for damaged issues. They’re studying to acknowledge when a legit perform is being weaponized.
- How one can detect threats with out utilizing AI: Doron and Mark deliberately designed CTF to avoid LLM’s capacity to resolve issues that researchers had not thought-about a 12 months or two in the past. Eliminating AI help permits gamers to soak up classes constructed into the expertise quite than studying on the fly to compete.
- How one can take away noise: Processing uncooked Entra logs is a actuality for many defenders. By creating a fancy setting the place information continues to evolve, gamers are challenged to create their very own readability.
Past particular classes, Mark is aware of first-hand how hands-on studying provides defenders real-world follow.
“You do not perceive something except you truly work together with the keyboard, click on, and see the way it works. Simply studying is just not sufficient,” Weitzman says.
Mark additionally shared how the CTF expertise helps gamers really feel its influence, not simply perceive it conceptually.
“CTF makes you’re feeling like that is truly your organization, and when you do not perceive assault flows and inside strategies, you are lacking out on extra than simply the problem,” Vaitsman defined.
Constructed for all cybersecurity professionals
Absorbing new information about Entra ID and AI was a pure match for Mark and Doron, who noticed finishing the expertise helpful throughout all safety roles, together with crimson teamers, blue teamers, CISOs, risk intelligence roles, and extra.
“You’ll be able to’t be a very good or good crimson staff member when you’re not conversant in the blue staff aspect, and also you in all probability cannot be a very good CISO when you’re not conversant in the offensive aspect,” Batesman continued.
Doron additionally emphasised that the hole between AI and audit visibility is just not one thing that each one safety professionals encounter of their each day work. Together with it within the CTF will assist determine any gaps which may be lacking.
“Not all safety professionals are uncovered to audit logs from methods like Dataverse, Copilot, and the underlying mechanics of how these AI methods work. This CTF provides us a chance to grasp how tough it’s to construct defensive approaches when working with AI brokers,” explains Doron Kapah, Safety Researcher at Varonis.
“This additionally helps you perceive what good identification hygiene seems like and implement least privilege in your personal setting,” provides Kapah.
Early within the growth of Breach on the Seashore, the staff introduced it to the cloud village at RSAC 2026. Suggestions shared by gamers highlighted that it would not really feel like a activity, however quite a inventive problem that retains it enjoyable and impressed.
“Whereas the problem was powerful, the suggestions we obtained was that it was very academic. Even the skilled CTF employees at our sales space advised us they realized one thing new,” Capa says.
Play Bleach on the Seashore now
Whether or not you are on the crimson staff, blue staff, or want CPE credit score, that is your likelihood to be taught by doing.
Breach on the Seashore is free and obtainable to play on-line: https://breachatthebeach.com.
Finishing every stage of the CTF will reward gamers with 1 CPE credit score and a themed badge. As soon as all 4 phases are accomplished, gamers will obtain a certificates of completion that they will share on LinkedIn. If you wish to earn CPE credit, please use an lively electronic mail deal with.
Delon and Mark can even be heading to Las Vegas for Black Hat USA and DEF CON 34, the place they may clarify intimately how the CTF was constructed and immediately help gamers by workout routines. Discover out extra about these occasions beneath.
Play at Black Hat USA 2026:
- August 3-6, 2026
- Contained in the Varonis sales space (#2948)
- On-line gamers and Black Hat contributors who full the CTF by August sixth can be entered right into a drawing to win a $2,000 reward card to Marriott Resorts.
- Be taught extra about Varonis at Black Hat
Play at DEF CON 34 in Cloud Village
- August 6-9, 2026
- Las Vegas Conference Middle
- Cloud Village particulars
- Members can have the possibility to compete towards different contributors within the Cloud Village Seize the Flag Problem, with high gamers receiving varied prizes.
- Registration to play at DEF CON opens earlier than the occasion
You can too play Bleach on the Seashore on-line from wherever.
Sponsored and written by Varonis.
