Documente Academic
Documente Profesional
Documente Cultură
SAPLabsIsraelTheCyberChallengeConundrum|SCN
GettingStarted Newsletters
Hi,Guest
LogOn
JoinUs
Store
SearchtheCommunity
Products
Services&Support
AboutSCN
Downloads
Industries
Training&Education
Partnership
DeveloperCenter
Activity
LinesofBusiness
UniversityAlliances
Events&Webinars
Innovation
Browse
Communications
Actions
InsideSAPLabs
SAPLabsIsraelTheCyberChallengeConundrum
PostedbyAvishaiKlaimaninInsideSAPLabson28Jun201615:04:15
Share
13
Tweet
Like
CyberWeekisoneofthemostimportantannualcybereventsheldinIsrael.
AsignificantitemontheagendaofCyberWeekistheCyberChallengetheultimatehackingcompetitioninthe
cyberarena.ThisyearSAPdecidedtotakeanactiveroleinthiseventandthisishowitallbegan.
ItwastheweekbeforePassoverwhenourmanager,OritBezalel,cametousandannounced:Wearegoingto
buildtheprechallengefortheCyberChallengeandweneedtogetitdonewithinonlytwoweeks.Afterthefirst
initialshockandtherealizationthatthePassoverholidaywillnotincludeavacation,westillhadsomedoubts
thatwecouldactuallyfinishsuchataskwithintherequiredtimeframewithoutcompromisingthequalityofour
dailyworkforourcustomers.But,giventhatweunderstoodthatthiswasagreatopportunitytolearnand
develop,welookedateachother,andtookadeepbreath,andunanimouslysaid..."Okay,letsdothis!
OurgroupconsistedofOritBezalel,theprojectlead,andAnnaGurayevskaya,OmriMaman,NathanBorik,
MichaAzulay,AdamFloor,AsafBenjamin,andthewriterofthishumbleblog,AvishaiKlaiman.
Hereisthestoryofhowwemanagedtosuccessfullycompletethisamazingtask.Ataskwhichturnedintoan
amazinglearningexperiencestickwithusandwewillsharemoreaboutourjourney.
DesigningtheChallenge
First,wedefinedthehackingtechniquestobeincorporatedintothischallenge.Thisdecisionwaslargelybased
onthelevelofexpertisethatwasrequiredinordertocompeteintheSecurityChallenge.Oncewehaddefined
thehackingtechniques,wethenbuiltthestorylinearoundit:acitymayorwaskidnapped.Thiskidnappingwas
enabledbythekidnappershackingintothemunicipalitywebsiteandfindingthemayor'sschedule.Theplayers
missionwastotracethestepsofthehackerswhobrokeintothewebsite.
ChoosingtheRightTechnology
Wehadtochooseourtechnologywisely.WehadsomeexperiencewithMEANstack,andweknewthatthis
awesometechnologywouldenableustobuildthiswebsitewithintwoweeks.
ConqueringtheDevelopmentTasks
http://scn.sap.com/community/labs/blog/2016/06/28/thecyberchallenge
1/3
29/06/2016
SAPLabsIsraelTheCyberChallengeConundrum|SCN
Weworkedasanagileteam:postedtasksandmeteveryday,sometimesevenmore,forastatusupdate.Each
memberwasassignedwithatask,andwhendonethememberwouldchooseanothertaskfromthelist.
Weworkedveryhard,overweekendsandthroughoutthePassovervacation.Aswitheverychallengingproject,
wehadsomeupsanddowns,andwehadourdoubtsthatwecouldreallyfinishthischallengewithinthetwo
weekswithoutcompromisingthequalityofthemission.Ofcourse,Oritwasalwaystheretoraiseourheadsand
soothoursoulswithencouragingwordsandchocolates.Weworkedtogetherinthespiritofoneforallandall
forone.
WeDidIt!
Aftertwoweekswehadachallengealbeitwithminorbugs,butneverthelessworking!
TestingwithSecurityExperts
Wewantedourchallengetobesecuredinsuchawaythatthestepsofthechallengecouldonlyberesolvedin
themannerthatwehadintended.Toachievethis,duringthedevelopmentprocess,wehadthesupportof
securityexpertshereinSAPLabsIsraelwhohelpedustoensurethatthechallengewasairtightandhadno
vulnerabilities.
TheStorylineChangesThereGoesOurCode
Afteranintenseroundofbuildingandtesting,wegotamessagefromtheconferenceorganizersthatthe
storylineneedstobechangedbecausethemayorspecifiedinthechallengedecidedthathedoesnotapprove
theuseofhisnameforthegame.Needlesstosay,wewerestunned.Wealreadyhadaworkingchallengeand
nowwewouldhavetochangethewholestory,doanewUI,andcustomizethechallengestepstofitournew
storyline.
TheCyberWeekorganizershadtoquicklyfindanotherstoryline.TheymanagedtorecruitGuriAlfi,thewell
knownIsraelicomedian,tobethekidnappedcelebrity.CastingGuriAlfiasthekidnappedpersonaddedsome
morehumortoourproject.
WithGuriasthemaincharacter,westruggledtofindawebsitethatwouldsuitthenewstoryline.Withthe
mayorwesimulatedamunicipalitywebsitetohack,butwhatcouldpeoplehacktokidnapGuri?Intheend,we
decidedtobuildanimaginarysiteforGurisagency,whorepresentsGurionlythisiswhywecalledittheOne
ManShow
So,again,weworkedfromduskuntildawnreworkingthechallengeandcheckingforbugsconstantlyandfixing
themimmediately.Aftertwomoreweekswewereonceagain.done!
Withonlyafewminorbugsthatwewerestillworkingtosolve,wedecidedtolaunchthechallengeonMay31.
Whilethiswashappening,Oritwasworkingonfindingaservertohostourchallenge.Duetotimeconstraints
andsecurityconcerns,varioushostingcompaniescouldnotsupplytheneededrequirements.Eventually,we
receivedawebserverfromtheTelAvivUniversitytouseforourchallenge.
FinallytheBigLaunch!
Wedidourlastchecksandfixedthelastminorbugs.OnMay31stwewerefinallyreadytolaunch.Onthe
eveningofMay31st,wehadhundredsofuniquevisitorsfromdifferentcitiesfromaroundIsrael,andevensome
fromabroad.Thousandsofpageswereviewed,andeachplayertriedtohackourwebsiteinvariousways.No
matterwhatthehackers(players)triedtodotoourwebsite,itremainedupandrunning.WemadeaContact
UspagewithaGmailaccountthatweopenedinordertohelppeoplewithvariousissues.
Intheend,allofourhardworkpaidoff,peopleparticipatedinourchallengeandtheylovedit!
Wemanagedtohitourtarget.Weaimedfor~90peopletoparticipateintheSecurityChallengeatthe
conferenceandoutofthe330peoplewhoregistered,84completedourprechallengesuccessfully.
Afterallthishardwork,wefeltproud.Wehadagreatfeelingofaccomplishment.Nowwearebacktoourday
todayjob .Wehopethatwewillgetachancetoproduceanotherprojectofthiskindagaininthefuture!
Ourbiggestlessonisthatifyousetyourmindtosomething,youcanreallyachievegreatthingsandeverything
ispossible.
http://scn.sap.com/community/labs/blog/2016/06/28/thecyberchallenge
2/3
29/06/2016
SAPLabsIsraelTheCyberChallengeConundrum|SCN
WeWouldnthaveSucceededWithoutTheFollowingGreatPeople
Atthispoint,wewouldliketothanksomepeoplethathelpedusthroughoutthisamazingprocess:
OritBezalel,ourmanager,whobelievedinusfromthebeginning,andwhokeptourspiritshighthroughout
thisprojectwithwisewordsandtastychocolates.
GadAkukaforcheckingourwebsiteforsecurityvulnerabilities.
VadimTomnikovforhelpinguswithAngularissues
OranAlmogforhelpinguswiththeUIandgivingustips
GenadyPodgaetskyandVitalyVainerformakingsometimeforustotrytosolveourchallengeandgiveus
theirfeedback.
HayaRubinsteinandMalcaSagalforhelpinguswiththeEnglishinourwebsite.
MeravSimhiandOrnaKleinmannforgivingusthisopportunity.
Omri,Nathan,Anna,Micha,Adam,AsafandAvishai.
205Views
Tags:cyber,israel,cyberchallenge,cyberweek
AverageUserRating
(7ratings)
Share
13
Tweet
Like
1Comment
SahilRautmare28Jun201619:24
Congratulationsonsuchabigsuccess!!
Like(0)
SiteIndex
Privacy
ContactUs
TermsofUse
SAPHelpPortal
LegalDisclosure
Copyright
http://scn.sap.com/community/labs/blog/2016/06/28/thecyberchallenge
FollowSCN
3/3