Computer & Information Sciences
Cyber Security Challenges
Real cyber-security challenges on Ewance — assess risk, harden systems, and respond to threats the way a working security professional does. Solve them to build a portfolio of verified, recruiter-checkable proof you can do the work — not just describe it.
Recommended challenges
- CodeIntermediateNew
Harden a Linux Container Runtime Against Privilege Escalation
Receive the pen-test report (with attack chain), the current cluster config (EKS 1.29, default Amazon Linux 2023 worker nodes), and 3 representative workload classes (web API, a…
- Os Security
- Linux Hardening
- Apparmor
Computer Systems Security - CodeSeniorNew
Build a Secure Multi-Party Computation Demo for Cross-Bank Fraud Detection
Pick MP-SPDZ as the MPC framework. Build a 4-party demo computing two protocols: (1) private set intersection of suspicious-account IDs across banks, (2) joint aggregate (count …
- Secure Computation
- Mpc
- Cryptography
Privacy-Enhancing Technologies - AnalysisBeginnerNew
Wireless Security Audit and Hardening for a Telco's Public Wi-Fi
Receive a sampled audit set: AP configurations for 80 sites (vendor mix, current encryption, EAP — Extensible Authentication Protocol — method, captive-portal config). Run analy…
- Wireless Security
- Wpa3
- Eap
Network Security - DesignIntermediateNew
Threat Model a HealthTech Patient-Portal Web App
Read the 25-page redesign architecture document (auth via Clerk, Next.js front-end, FastAPI backend, Postgres, S3 for documents, webhook integration with EMRs). Build data-flow …
- Threat Modeling
- STRIDE
- Secure Design
Software Security Develop in-demand professional skills.
Each challenge names the skills it strengthens. Over time, your profile fills with the competences a hiring manager would actually look for.
Why Ewance
- AnalysisIntermediateNew
GDPR + AI Act Compliance Assessment for an HR-Tech Vendor
Audit the candidate-screening product against: GDPR Articles 5, 6, 13, 14, 22, 25, 32, 35; AI Act high-risk-system obligations (Annex III - employment); plus the customer's spec…
- Compliance
- Privacy Regulation
- GDPR
Information Security Management and Governance - StrategySeniorNew
TLS and PKI Migration to Post-Quantum for a Cross-Border Bank
Receive an anonymized TLS inventory (endpoint, current cipher suite, TLS version, certificate issuer, last rotation, business criticality) and the bank's PKI hierarchy. Score en…
- Tls
- Pki
- Post Quantum Cryptography
Network Security - AnalysisIntermediateNew
Build a Risk Register for a Cross-Border Healthcare Provider
Run 8 structured interviews (CISO, IT director, clinical-systems lead, DPO, 4 clinic managers) to surface the top risk candidates. Map each risk against NIST SP 800-30 (threat s…
- Risk Management
- NIST Sp 800 30
- Security Governance
Information Security Management and Governance - AnalysisIntermediateNew
Anonymous Communications Threat-Model for a Whistleblower Platform
Document the current stack's threat model using the LINDDUN framework (linkability, identifiability, non-repudiation, detectability, disclosure of information, unawareness, non-…
- Anonymous Communication
- Threat Modeling
- Tor
Privacy-Enhancing Technologies - Browse challenges
Explore role
Strategy Analyst
Frame the business question, model the options, build the recommendation. From market sizing to competitive analysis, this role is where strategy consulting meets in-house decision-making.
- AnalysisIntermediateNew
Threat Model a Water-Utility SCADA Network Before a Migration
Review provided network diagrams (current and proposed), the asset inventory (around 180 PLCs (programmable logic controllers), 22 engineering workstations, 6 historian servers)…
- Threat Modeling
- Ics Security
- Scada
Cyber-Physical and Cybercrime Topics - AnalysisIntermediateNew
Secure-by-Design Review of a Microservices Auth Subsystem
Read the 18-page proposed auth-service design (Next.js BFF, FastAPI auth-service, Postgres for sessions + refresh, Redis for short-lived tokens, integration with Auth0 for OIDC)…
- Secure Design
- OWASP Asvs
- Oauth2
Software Security - DesignIntermediateNew
Intrusion Detection at the Edge for a Tier-1 Auto Supplier's OT Network
Receive an anonymized network diagram for 1 plant, sample pcap (packet capture) traffic of Modbus + OPC UA + PROFINET flows, and a list of 10 known OT attack scenarios from MITR…
- Intrusion Detection
- Ot Security
- Zeek
Network Security - AnalysisBeginnerNew
Threat-Model a Patient-Intake Web App for a Telemedicine Startup
Receive the architecture diagram (Next.js front-end, Node.js API, PostgreSQL, S3 for ID-photo uploads, Clerk for auth), the data-flow description for patient intake, and the SOC…
- Threat Modeling
- STRIDE
- Risk Assessment
Introduction to Computer Security Get recognized by recruiters and employers.
Credentials are blockchain-anchored via LearnCoin — tamper-evident, portable, link-shareable on LinkedIn and beyond.
Why Ewance
- CodeIntermediateNew
Static Analysis SAST Rollout on a Fintech Codebase
Run baseline scans with Semgrep + SonarQube + Snyk Code across all 18 services. Triage the initial findings (likely 800-1,500 raw alerts) into true-positive / false-positive / i…
- Sast
- Semgrep
- Sonarqube
Software Security - CodeIntermediateNew
Implement Authenticated Encryption for a Document Service
Design the envelope-encryption hierarchy: customer Key Encryption Key (KEK) held in AWS KMS (Key Management Service), Data Encryption Keys (DEKs) wrapped per document. Use AES-2…
- Applied Cryptography
- Aead
- Key Management
Applied Cryptography - CodeIntermediateNew
Implement Federated Learning for a Government Statistics Office
Use Flower as the FL framework. Simulate 8 municipalities each with a partition of a synthetic wage dataset (provided, 1M rows, EU-Labour-Force-Survey schema). Train a gradient-…
- Federated Learning
- Differential Privacy
- Python Programming
Privacy-Enhancing Technologies - AnalysisSeniorNew
Forensic Reconstruction of an Anonymized Energy-Grid Incident
Triage the artifacts using a timeline-first methodology. Build a unified timeline across syslog, historian, firewall, and disk-image artifacts (Plaso super-timeline). Identify c…
- Digital Forensics
- Incident Response
- Ics Security
Cyber-Physical and Cybercrime Topics
How it works
From brief to credential, in six steps.
Step 01
Browse challenges aligned to your studies.
Step 02
Accept the one that fits your goals.
Step 03
Work through it with AI Copilot guidance.
Step 04
Submit for structured evaluation.
Step 05
Earn a verified credential.
Step 06
Add it to LinkedIn with one click.
Industry teams behind a decade of practitioner briefs
Hiring from this pool?
Sponsor a challenge and meet candidates through actual work.
Industry teams can shape briefs around the skills they hire for, then evaluate students on rubric-scored deliverables — not resumes.



















































































