Join us in the RSA Conference Sandbox, a hands-on and interactive space where you can test your cybersecurity skills – and learn new ones. The Sandbox, located on the 2nd floor of Moscone South, is open to Expo Plus and Full Conference Pass holders. This year, the Sandbox opens on Tuesday, February 25 with our sixth annual craft beer tasting event and networking reception, CyBEER Ops!

Schedule

Tuesday, February 25  4:30 PM – 6:00 PM | CyBEER Ops Networking Reception
Wednesday, February 26  8:00 AM – 5:00 PM
Thursday, February 27  8:00 AM – 3:30 PM


Demos

Explore 12 different sandboxes, each focusing on a unique topic that impacts today’s cybersecurity industry and our ability to protect tomorrow’s future. 

Aerospace Sandbox
Brought by Aerospace Village

Dependence on connected technologies exposes the aerospace ecosystem to new types of risks. Discover how savvy aerospace companies, security researchers, and the public are working towards safe, reliable, and trustworthy air travel.
Car Hacking Sandbox

Brought by Car Hacking Village

Enjoy a hands-on experience with industry experts as they educate attendees on the functionality of vehicle systems and the vulnerabilities that could significantly impact the safety and security of today’s drivers and passengers.

ICS Sandbox: Training

Brought by ICS Village

Skilled ICS security practitioners are in great demand in all industry verticals. Quality hands-on training is needed for a successful security program. Experience multiple short training exercises that will introduce you to Industrial Control Systems and how to secure them.

ICS Sandbox: Defending Your ICS
Brought by ICS Village

Securing your Industrial Control Systems can be very overwhelming. Stop by and interact with industry professionals to find answers to your questions as well as get first-hand exposure to technology that will help you achieve your goals. 
ICS Sandbox: Know Your Threats

Brought by ICS Village

Learn about some of the threats that exist for Industrial Control Systems and how you can validate that your implemented security solutions are meeting your goals.    

IoT Sandbox: Bypassing Security Controls in IoT

Brought by ISE (Independent Security Evaluators) 

Participate in a self-guided, hands-on lab focused on circumventing security controls found on common internet connected devices. Experience how newly-discovered vulnerabilities were identified and how they could impact consumers. 

 
IoT Sandbox: Finding Secrets in Trashed IoT

Brought by Rapid 7

Join researchers form Rapid 7 and participate in hands on exercises where you'll have the opportunity to extract firmware and data from flash memory on IoT devices.

 
IoT Sandbox: Hacking 101
Brought by Village Idiot Labs
Whether you're a penetration tester that has never hacked IoT devices or even someone that has never hacked anything; learn the tools, techniques and some of the common weaknesses used in IoT device hacks.
IoT Sandbox: Hacking Hardware and SDR
Brought by Black Hills Information Security
These labs provide a step-by-step process on various aspects of conducting physical hardware and Software Defined Radio attacks against a variety of components.
Medical Device Sandbox
Brought by Biohacking Village
Global health ingenuity is on the rise thanks to cross-industry collaboration. Learn how the security research and healthcare communities are developing real solutions for humanity's most pressing challenges.
SANS NetWars in the Sandbox

Brought by SANS

Back by popular demand, SANS Core NetWars Tournament is a staple in the RSAC Sandbox. Compete with your peers in a hands-on cybersecurity challenge developed to build and enhance your skills as a cybersecurity professional. Learn more.

Supply Chain Sandbox

Brought by I Am The Calvary

Supply chain management is a critical factor of business success. Explore the impacts of supply chain issues and learn concepts and approaches to manage cyber supply chains more effectively.

Voting Sandbox
Brought by Voting Village 

Voting machines relevant to the state of California will be available for hands-on exploration, education and hacking attempts. Receive tools and past security reports as you hunt for new vulnerabilities or explore old ones, then watch a demo of a voting machine hack. 

Capture-the-Flag Activities

Designed to test your skills, check out the variety of capture-the-flag events available in the Sandbox this year: 
  • SANS NetWars: SANS Core NetWars Tournament is a hands-on cybersecurity challenge developed to build and enhance your skills as a cybersecurity professional. Compete with your peers through progressively difficult challenges and score points on our interactive scoreboard either by yourself or in a team of up to five players. SANS NetWars Tournament was designed for novice (hints available) to advanced professionals and covers various aspects of penetration testing, forensics, defense, and your ability to rely on your experiences and problem-solving skills to navigate from Level 1 through Level 5 of gameplay. Watch a video to learn more.
  • Red Team Webapp Hacking: This lab walks you through different exercises related to hacking modern web applications. We will use tools like Websploit 2.0 and others to take you through conception to active control. Participants will also receive tons of materials and additional exercises that you can complete on your own. Take advantage of VMs and Docker containers that were created to practice your skills.
  • Voting Sandbox CTF: Join us for a multi-level joint capture-the-flag (CTF) exercise. Multi-level in this instance means we offer instructions (so no prior skills are needed) and three layers of difficulty. The competition can be done as an individual, but we recommend teams. Participate in a voting machine hack that will also have the added benefit of teaching you how the government and administrative side of elections function, and how it could be vulnerable to foreign attackers as a result.

Presentations

Industry experts will take to the Sandbox stage for 30-minute high-impact talks. Sit in on topics ranging from how pervasive computing and connectedness will inevitably lead to a broader threat landscape to the prioritization of cybersafety in areas that affect healthcare, public safety and transportation. 

Networking and Recharging

Located adjacent to RSAC Early Stage Expo, the Sandbox hosts the Cybrew Café which offers specialty coffees, a cool atmosphere and charging stations where you can recharge your physical and mental batteries.