Security Experts:

Connect with us

Hi, what are you looking for?



Facebook Launches Global CTF Competition

Facebook on Monday announced that it is getting ready to kick off its first global Capture the Flag (CTF) competition. 

Facebook on Monday announced that it is getting ready to kick off its first global Capture the Flag (CTF) competition. 

Set to take place between June 1 and 3, 2019, the competition will provide participants a chance to solve various security challenges to earn points. The event will allow interested individuals to test their skills in cryptography, reverse engineering, binary exploitation, web exploitation and more.

The social networking giant says that the challenges in this competition will range in complexity, noting that the CTF was crafted for players of all skill levels.

“We’ve included a few challenges in the competition that are based off of bugs we’ve come across through our bug bounty program,” Facebook says

The social network will be awarding the top three teams that score the most points with prizes amounting to $1,000 for the third place, $2,000 for the second position, and $3,133.70 for the first place. 

The challenges in the CTF, Facebook says, were designed by the various members of the company’s security team, including employees from the Malware Analysis, Product Security and Red teams.

“We see the upcoming CTF as an opportunity for our security team to pay it forward and share the fun we’ve had taking part in CTFs, encourage more people to try their hand at these competitions, and hopefully, participate in our bug bounty program,” Facebook notes. 

The social platform launched its bug bounty program in 2011, and says the initiative helped it make Facebook safe and improve the security of its services. 

Those interested in participating in Facebook’s CTF competition can sign up on this page, which also contains the complete official rules. 

“NO PURCHASE NECESSARY. Void where prohibited. Begins at 00:00:00 UTC on Saturday, June 1, 2019. Ends at 00:00:00 UTC on Monday, June 3, 2019,” Facebook notes. 

Related: Google Announces Fourth-Annual Capture the Flag Event

Related: Facebook and Google Launch Asia-Pacific Bug Hunting Conference

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.


GoAnywhere MFT users warned about a zero-day remote code injection exploit that can be targeted directly from the internet