Computer Science
Security & Cyber Defense Challenges
Security & Cyber Defense challenges put you inside the work of protecting systems from real attack. You'll build skills around the CIA triad, authentication, identity & access management and network security, and learn to work the OWASP Top 10 and run vulnerability scanning the way defenders do.
From there you'll tackle the harder edges — threat modeling, the MITRE ATT&CK framework, SIEM operations and incident response — moving into cyber risk management, Zero Trust architecture and red team operations. Each challenge you solve earns a verified credential you can share with recruiters.
- ResearchIntermediateNew
Run an Alignment Probe on a Coding Assistant
You will design 240 probe prompts across 3 classes: (1) over-refusal (innocuous coding asks the model should fulfill), (2) insecure code patterns (asks where the model should wa…
- Red Teaming
- Alignment Evaluation
- LLM Evaluation
Large Language Models - CodeBeginnerNew
Implement Authentication and Access Control for a Civic Portal
Receive the current Next.js + Express prototype, the data model (residents, requests, documents, audit log), and the 4 staff roles (resident, clerk, supervisor, auditor) with th…
- Authentication
- Authorization
- Rbac
Introduction to Computer Security - DesignIntermediateNew
Intrusion Detection at the Edge for a Tier-1 Auto Supplier's OT Network
Receive an anonymized network diagram for 1 plant, sample pcap (packet capture) traffic of Modbus + OPC UA + PROFINET flows, and a list of 10 known OT attack scenarios from MITR…
- Intrusion Detection
- Ot Security
- Zeek
Network Security - AnalysisSeniorNew
Forensic Reconstruction of an Anonymized Energy-Grid Incident
Triage the artifacts using a timeline-first methodology. Build a unified timeline across syslog, historian, firewall, and disk-image artifacts (Plaso super-timeline). Identify c…
- Digital Forensics
- Incident Response
- Ics Security
Cyber-Physical and Cybercrime Topics Practice your coursework on real scenarios.
Every challenge is shaped from real-world context — not generic exercises. The work mirrors what your degree prepares you for.
Why Ewance
- AnalysisIntermediateNew
Threat Model a Water-Utility SCADA Network Before a Migration
Review provided network diagrams (current and proposed), the asset inventory (around 180 PLCs (programmable logic controllers), 22 engineering workstations, 6 historian servers)…
- Threat Modeling
- Ics Security
- Scada
Cyber-Physical and Cybercrime Topics - DesignIntermediateNew
Design a Secure Wi-Fi Onboarding Flow for IoT Devices
Design a BLE-based onboarding protocol: device advertises a service UUID on power-on, the companion app discovers, performs an ECDH key exchange, then encrypts and sends Wi-Fi S…
- Link Layer Protocols
- Ble
- Secure Onboarding
Computer Networks - PresentationBeginnerNew
Run an Incident-Response Tabletop for a Healthtech On-Call Team
Design 3 tabletop scenarios with realistic timeline injects (every 5-10 minutes, new info arrives). Run the tabletop hybrid (in-person + remote) with the 8 on-call engineers + 2…
- Incident Response
- Tabletop Exercises
- Incident Command System
Site Reliability Engineering - DesignSeniorNew
Design a Confidential-Computing Architecture for a Genomics Workflow
Receive the workflow description (per-hospital genome BAM files uploaded to S3, processed by a variant-calling pipeline, results returned per-hospital), the partner-hospital leg…
- Confidential Computing
- Remote Attestation
- Secure Architectures
Computer Systems Security - Browse challenges
Explore role
Product Manager
Ship product that solves real user problems. Combine user research, prototyping, and stakeholder alignment to turn ambiguous briefs into measurable wins — the role at the centre of modern software teams.
- DesignIntermediateNew
Detection Engineering for Cloud DDoS Against a Public-Sector Portal
Receive sanitized logs from the 2 prior incidents (CloudFront, ALB, WAF) and the current AWS architecture. Design: 6 Sigma detection rules (mix L7 floods, slow-POST, low-rate di…
- Ddos Defense
- Detection Engineering
- Waf
Network Security - DesignIntermediateNew
Design a Secure-by-Default IoT Device Provisioning Flow
Design end-to-end provisioning: factory bootstrap (per-device key pair burned at manufacture), installer flow (BLE-driven activation, Wi-Fi handoff), cloud-side enrollment (mTLS…
- Iot Security
- Secure Provisioning
- Mutual Tls
Cyber-Physical and Cybercrime Topics - DesignIntermediateNew
Authentication + RBAC for a Multi-Workspace SaaS
Design the auth architecture: identity provider (managed), session model (JWT with rotation), workspace-membership claims, RBAC permission model (4 default roles, custom-role ca…
- Authentication
- Rbac
- Sso
Engineering Software as a Service - ResearchSeniorNew
Concept-Activation Vectors for an Autonomous-Vehicle Perception Audit
You receive a trained semantic-segmentation model (8 classes including pedestrian, vehicle, road, sky), an internal validation set of 2,500 driving frames, and a small concept-i…
- Tcav
- Concept Explanations
- Interpretability
Explainable and Interpretable AI Build a verifiable portfolio.
Submissions become evidence. Reviewers with shipping experience score against a rubric; the result becomes a credential anyone can verify.
Why Ewance
- ResearchIntermediateNew
Red-Team an Image-Classification Pipeline for a Banking KYC Workflow
You receive the production image classifier as a black-box API plus a labeled validation set of 5,000 ID images. Run untargeted FGSM and PGD attacks (L_inf budget 4/255 and 8/25…
- Adversarial Attacks
- Robust Evaluation
- Red Teaming
Trustworthy AI, Robustness, and Safety - ResearchIntermediateNew
Red-Team Evaluation of a Refusal Policy
You receive the lab's written refusal policy (version 2.3) and a starter set of 60 red-team prompts (10 per category). Extend the set to 240 prompts (40 per category) using docu…
- Red Teaming
- Refusal Policy
- Alignment Evaluation
Machine Learning from Human Preferences (RLHF and Alignment) - AnalysisSeniorNew
Cyber-Physical Security Audit for a Connected-Building HVAC System
Audit one representative tower's BMS: enumerate BACnet devices (network discovery + capability inventory), identify lateral-movement paths (tenant wifi -> guest network -> BACne…
- Cyber Physical Systems
- Ot Security
- Risk Management
Internet of Things and Cyber-Physical Systems - ResearchIntermediateNew
Red-Team a Customer-Service Chatbot for Jailbreak Resistance
Use a published taxonomy of jailbreak categories (prompt injection, persona override, encoded payloads, multi-turn escalation, refusal bypass, tool-misuse). For each category, d…
- Red Teaming
- Jailbreak Analysis
- LLM Evaluation
AI Safety and Alignment - DesignSeniorNew
Design a Cross-Chain Bridge Protocol with Honest Threat Model
Read the Vitalik 'cross-chain interoperability' essay and survey 3 existing bridge designs (lock-and-mint, atomic-swap, optimistic-rollup-native). Design your protocol around a …
- Blockchain Protocols
- Smart Contracts
- Solidity
Blockchain and Decentralized Systems Engineering - DesignIntermediateNew
Author an Incident Response Playbook for a Fintech Startup
Author a 4-phase playbook (Prepare, Detect & Analyze, Contain/Eradicate/Recover, Post-Incident) covering 6 incident classes: data breach, ransomware, account takeover, payment-f…
- Incident Response
- NIST Sp 800 61
- Security Governance
Information Security Management and Governance - DesignSeniorNew
Design an OS-Level Side-Channel Mitigation for a Multi-Tenant Cloud
Read 3 canonical cache-side-channel papers (provided). For each attack: characterize the threat model, the required attacker capabilities, and the OS-level invariant that, if he…
- Os Security
- Side Channels
- Virtualization
Advanced Operating Systems - CodeBeginnerNew
Find and Exploit Web Vulnerabilities on a Capture-the-Flag Range
Receive credentials to the CTF environment, the 8 challenge specifications (each with a target endpoint and a flag to extract), and the Rails source for the vulnerable app. For …
- Web Security
- OWASP Top 10
- Penetration Testing
Introduction to Computer Security - CodeBeginnerNew
Build a Secure-Coding Linter Ruleset for a Backend Team
Receive the last 12 security-review findings, 3 representative repos (Node.js + TypeScript), and access to a CI pipeline (GitHub Actions). Build a custom Semgrep ruleset (or ESL…
- Secure Coding
- Static Analysis
- Semgrep
Introduction to Computer Security - CodeIntermediateNew
Apply Differential Privacy to a HealthTech Analytics Dashboard
Wrap the existing analytics layer with OpenDP (or Google's differential-privacy library). Implement epsilon-delta accounting: per-query Laplace noise for counts and sums, Gaussi…
- Differential Privacy
- Privacy Budget
- Python Programming
Privacy-Enhancing Technologies - AnalysisBeginnerNew
Threat-Model a Patient-Intake Web App for a Telemedicine Startup
Receive the architecture diagram (Next.js front-end, Node.js API, PostgreSQL, S3 for ID-photo uploads, Clerk for auth), the data-flow description for patient intake, and the SOC…
- Threat Modeling
- STRIDE
- Risk Assessment
Introduction to Computer Security - ResearchIntermediateNew
Safety-Test a Customer-Service Agent for Adversarial Prompts
You receive a sandboxed instance of the agent (a tool-using LLM that can read account balances and open support tickets — both mocked). Design a red-team suite of at least 80 pr…
- LLM Agents
- Red Teaming
- Adversarial Prompts
AI Agents and LLM-Based Agents
How it works
From brief to credential, in six steps.
Step 01
Browse challenges aligned to your studies.
Step 02
Accept the one that fits your goals.
Step 03
Work through it with AI Copilot guidance.
Step 04
Submit for structured evaluation.
Step 05
Earn a verified credential.
Step 06
Add it to LinkedIn with one click.
Related skill families
Browse all skillsIndustry teams behind a decade of practitioner briefs
Hiring from this pool?
Sponsor a challenge and meet candidates through actual work.
Industry teams can shape briefs around the skills they hire for, then evaluate students on rubric-scored deliverables — not resumes.



















































































