The Sandbox

RSA Conference’s “sandboxes” are full of hands-on interactive experiences to test your infosec skills. Demo and discuss how pervasive computing and connectedness will inevitably lead to a broader threat landscape in healthcare and business; expand your thinking about threats to smart cities, electric grids and industrial processing plants; and challenge your infosec skills for network and digital forensics. New this year is a one-hour Capture the Flag!

The Sandbox will be located in the Marriott Marquis Golden Gate Ballrooms, adjacent to the Early Stage Expo. Also located in the space is the Cybrew Café which offers specialty coffees, a cool atmosphere and charging stations where you can recharge your physical and mental batteries.

This year the Sandbox opens with RSAC's third annual craft beer tasting event, CyBEER OpsFind out more.

SANS NetWars in the Sandbox
Industrial Control System (ICS) Sandbox

Internet of Things Sandbox

IoT image

working image

SANS image

NetWars in the Sandbox

NetWars imageSANS Core NetWars Experience is a hands-on information security challenge developed to build and enhance your skills as an infosec professional. On Wednesday, February 15 or Thursday, February 16 you can build and enhance your information security skills by competing with your peers through progressively difficult challenges. Score points on our interactive scoreboard either by yourself or in a team of up to five players. SANS NetWars was designed for novice (hints available) to advanced professionals and covers various aspects of penetration testing, forensics, defense, and your ability to rely on your experiences and problem-solving skills to navigate from Level 1 through Level 5 of gameplay. Learn more about the NetWars Experience.

SANS DFIR NetWars Tournament is a hands-on incident simulator packed with a vast amount of forensic, malware analysis, threat hunting, and incident response challenges designed to help you gain proficiency without the risk associated when working real-life incidents. It is unique in that it provides time-limited challenges that can be used to test the skills you've mastered, and at the same time, help you identify the skills you are missing.

SANS One-Hour CtF (Capture the Flag): SANS will host a capture-the-flag event in one hour, start to finish. It’ll all be done in real time. SANS will introduce a technical idea over the space of 10 minutes with some slides and then you’ll have 40 minutes to hack something using ideas from those slides and your own amazing skills. We’ll reveal the answers and award prizes in the last 10 minutes. You won’t need any tools (they’ll all be ready for you in a browser-based environment). The whole idea here is to break down barriers to participation in CtFs.

View All Sandbox Experiences


The ICS Sandbox

As the backbone of modern society, vulnerabilities in industrial control systems (ICS) has come to the forefront of businesses, governments and organizations. This year, ICS will conduct a deeper dive into the Industrial Internet of Things, simulate an ICS cyberattack and think through implications of smart cities on the grid.  

ICS Sandbox Sessions:

  • Cyber, an Evolving Ecosystem: Creating the Road for Tomorrow's Smart Cities
  • Fact or FUD? ICS Cyberattack Simulation and Impact Analysis Fun for the Whole Family
  • Anatomy of Industrial Cyberattacks
  • Safety First! Strategic Solutions to Protect the Industrial Internet of Things
  • Game Plan for Security: Understanding ICS/SCADA Cybersecurity Threats, Vulnerabilities, Vectors, and Attack Methods 
  • Adding Security to Your ICS Environment? Fine! But How?! 


Internet of Things Sandbox

Organized by security consulting and research firm Independent Security Evaluators (ISE), IoT Village™ delivers expertise advocating for security advancements in Internet of Things (IoT) devices. This exhibit highlights vulnerable connected devices and groundbreaking security research found in devices as common as smart cameras to devices as complex as solar panels and medical devices. Experience thought-provoking talks by expert security researchers who dissect real-world exploits and vulnerabilities and analyze the impact on the consumer and business environments. Stay informed by following both ISE and IoT Village on Twitter.

IoT Sandbox Sessions:

  • Unexpected IoT–Solar Panels Compromise
  • Weaponizing IOT
  • IoT in Healthcare
  • What Do You Mean, “Patch”? A Shared Vision of IoT Security Updates
  • The Connected World Has Been Disconnected: Survival Guide in IoThreats Era
  • Ransomware, Drones, Smart TVs, Bots: Protecting Consumers in the Age of IoT
  • All Your Locks Are BLEong to Us
  • IoT Live Demo
  • Medical Device Security Considerations: Case Study 

This document was retrieved from on Sun, 16 Jun 2019 19:02:58 -0400.