It was time to try something new, so I decided to participate in a Capture the Flag (CTF) event for the first time. Some challenges were straightforward, while others were very complex, but the overall experience was exciting and rewarding. I come from a predominantly social science background in communication, journalism, law, arts, and philosophy. While I also have mixed-methods research experience, the quali-quanti balance sways more on the qualitative side. It was because of this that I took it upon myself to see if I could participate in the 2025 Target Defense Challenge hosted by Women in Cybersecurity (WiCys). I knew it was going to be hard. The more I captured the flag and passed each challenge, the more I realized that my mission was to learn and grow each step of the way.

The 2025 Target Defense Challenge was a Capture the Flag (CTF) themed cyber defense event that took place from July 1 to August 14. I created a writeup to show my methodology, including tactics, techniques, and procedures in the challenge, which you can find in my GitHub link here. As a mixed-methods social scientist, I wanted to explore something completely new that would challenge my mind and push me further. The experience allowed me to gain practical and technical skills and to think outside of the box while solving cybersecurity issues.

There were two tiers. Tier 1 is primarily blue team focused, and Tier 2 is red team. I created the write-up based on my experience from the Tier 1 challenges. In Tier 1, we worked through simulated cyberattack scenarios against a tech company called Personalyz.io. We tested our ability to detect, analyze, and respond to threats. Personalyze.io received a ransom demand, and we played the defender to identify the intrusion and determine how the data was exfiltrated.

I completed 14 challenges in Tier 1, which included the preliminary and main challenges. Each stage had different levels of difficulty, and you could only progress by capturing the flag. I initially faced a delay accessing the CTF platform due to high participant volume, but I quickly adapted and focused on learning efficiently once I gained access three days later. There were over 1000 participants entering the site at the same time. I knew those who had started from day one had a huge lead and advantage. So, my mindset shifted from competitive mode to learning mode, an educational experience, and having fun along the way. This shift allowed me to enjoy the process instead of feeling pressure, which in turn helped me take my time and focus on cyber subject areas that I never heard about.

Moreover, even though the rules indicated that the event was open to all experience levels, I believe that wasn’t necessarily true. I noticed that you had to at least have some basic knowledge of cybersecurity terms if you wanted to gain points and move to the next level faster. Having experience in coding and programming was a plus, which helped participants solve the problems quickly. In opening hints, you would lose points. And not just little points. Some hints would cost you 90 plus points. Therefore, there was an advantage in coming into the event already having cybersecurity and coding experience.

Nevertheless, one particular challenge that actually did not require coding or programming knowledge was D3: Ransom Wrangler. My journalism and law background helped me solve that particular challenge quickly. In cybersecurity, the lingo is something called “social engineering,” but my social science background, coupled with the on-the-field training I gained from working in different industries, helped. I incorporated skills I learned from graduate studies and work experience, such as emotional intelligence, negotiation, and conflict resolution, to engage with the fictitious threat actor and negotiate terms that were more favorable to the company I represented.

In the end, the challenges allow me to learn about threat detection, incident response, network analysis, and threat intelligence. I came out of it understanding different type of careers in cybersecurity, even for someone with a social science background like me.

The key takeaways are that the cybersecurity event strengthened my network, log, and digital forensics skills through mock hands-on CTF challenges. I learned to use various sources of research methods, from manual to automated analysis, during complex investigations. I also gained practical skills in negotiation and incident response techniques during ransomware scenarios. Lastly, the event reinforced the importance of patience, persistence, determination, and analytical thinking when handling cybersecurity challenges. It gave me invaluable knowledge and practical experience that I had never encountered before.