Cyber RangeF5
Cyber Range

F5 CTF: Tempest

Event Overview

F5 Tempest delivers an integrated approach to modern application security, empowering you to strengthen and protect your organization’s critical systems. This game incorporates powerful capabilities across the F5 security and app‑delivery portfolio, offering a unique opportunity to test your skills against real-world threats targeting today’s distributed applications. Tools utilized within the game: 🔷F5 BIG‑IP Advanced WAF - Application inspection and exploit protection 🔷F5 NGINX - API and application delivery security 🔷F5 Distributed Cloud Services - Zero‑trust networking and hybrid app security This mixed capture‑the‑flag event challenges your team to investigate the weakened DR environment, uncover vulnerabilities in the web application and AI chatbot, identify active threat actors, and implement controls to stop ongoing attacks. Points are awarded for identifying weaknesses, remediating exploits, and strengthening the compromised network.

What to expect

Whirlwind Wealth has suffered catastrophic damage after an F5 tornado destroyed their primary data center. Critical services have failed over to a disaster recovery site, but the security posture there is weak — patching and updates have been neglected, leaving the environment exposed. Opportunistic threat actors are already probing for vulnerabilities, and your team has been enlisted to investigate, contain, and stop the attack before customer data and financial systems are compromised.
  • This Capture the Flag challenge has been meticulously crafted to emulate a real‑world breach. You’ll leverage F5 BIG‑IP Advanced WAF for application inspection, NGINX for securing APIs and app delivery, and F5 Distributed Cloud Services to harden workloads across hybrid environments.
  • You’ll face web application exploits, API abuse, container compromises, and protocol anomalies. You’ll put your knowledge of F5 technologies — and your ability to defend a weakened DR environment under pressure — to the test.

Goals and Objectives

Using any means necessary, your team (3–4 players) has six hours to investigate your organization’s environment, identify compromised systems and attacker footholds, and defend critical applications and data against a sophisticated adversary campaign. Additional tools utilized within the game: 🔷 F5 BIG‑IP Advanced WAF – web application firewall for application inspection and protection against exploits 🔷 F5 NGINX – application delivery and reverse proxy for securing modern apps and APIs 🔷 F5 Distributed Cloud Services – zero trust networking, DDoS mitigation, and app security across hybrid environments

Who should attend?

Teams seeking training on Blue Team tactics, SOC analysts, Incident Response specialists, Application Security Engineers, Infrastructure and Cloud Engineers, Cybersecurity Architects, and DevSecOps teams working with containers and APIs

Related content

Cyber Range - Initiation

Initiation is a Capture the Flag (CTF) lab meant to introduce you to the WWT Cyber Range platform and serve as a tutorial for future events. You will be introduced to the features and functionality as well as provided tips for success during future WWT Cyber Range CTFs. This lab will also allow you to test your access using the same platform we use for our live CTF events so you can make sure you will be ready on game day.
Advanced Configuration Lab
Fundamentals
2929 launches