Duration: Each CTF lasts 4 hours.
SIEM Options: Choose between Splunk and Elastic for your SIEM tool.
Communication: Join our DFIR Labs CTF Discord Server for support and real-time updates.
Cases: You will receive access to 1 detailed intrusion case 1 hour before the start of the CTF. Cases include network and endpoint logs as well as Sigma and YARA hits.
Questions: Complete 20+ questions within the 4-hour timeframe.
Access: All you need is a web browser.
Support: Live support on Discord.

Top 3 players will receive discounted swag, as well as names in the CTF winners book. https://thedfirreport.com/services/dfir-labs/digital-forensics-challenge-winners/

Top 5 players will have the opportunity to join The DFIR Report as a volunteer analyst!