Computer Science
Security & Cyber Defense Challenges
Security & Cyber Defense challenges put you inside the work of protecting systems from real attack. You'll build skills around the CIA triad, authentication, identity & access management and network security, and learn to work the OWASP Top 10 and run vulnerability scanning the way defenders do.
From there you'll tackle the harder edges — threat modeling, the MITRE ATT&CK framework, SIEM operations and incident response — moving into cyber risk management, Zero Trust architecture and red team operations. Each challenge you solve earns a verified credential you can share with recruiters.
- CodeIntermediateNew
Apply Differential Privacy to a HealthTech Analytics Dashboard
Wrap the existing analytics layer with OpenDP (or Google's differential-privacy library). Implement epsilon-delta accounting: per-query Laplace noise for counts and sums, Gaussi…
- Differential Privacy
- Privacy Budget
- Python Or Javascript
Privacy-Enhancing Technologies - AnalysisIntermediateNew
Run a Red-Team Exercise on a Cloud-Native Microservices Platform
Receive a scoped engagement letter (in-scope: 6 microservices and their CI/CD pipelines; out-of-scope: customer-data exfiltration beyond proof-of-access), the architecture diagr…
- Red Team Operations
- Kubernetes Security
- Lateral Movement
Computer Systems Security - ResearchIntermediateNew
Red-Team a Customer-Service Chatbot for Jailbreak Resistance
Use a published taxonomy of jailbreak categories (prompt injection, persona override, encoded payloads, multi-turn escalation, refusal bypass, tool-misuse). For each category, d…
- Red Team Operations
- Jailbreak Analysis
- LLM Evaluation
AI Safety and Alignment - PresentationBeginnerNew
Run an Incident-Response Tabletop for a Healthtech On-Call Team
Design 3 tabletop scenarios with realistic timeline injects (every 5-10 minutes, new info arrives). Run the tabletop hybrid (in-person + remote) with the 8 on-call engineers + 2…
- Incident Response
- Tabletop Exercises
- Incident Command
Site Reliability Engineering Practice your coursework on real scenarios.
Every challenge is shaped from real-world context — not generic exercises. The work mirrors what your degree prepares you for.
Why Ewance
- AnalysisSeniorNew
Cyber-Physical Security Audit for a Connected-Building HVAC System
Audit one representative tower's BMS: enumerate BACnet devices (network discovery + capability inventory), identify lateral-movement paths (tenant wifi -> guest network -> BACne…
- Cyber Physical Systems
- Ot Security
- Risk Management
Internet of Things and Cyber-Physical Systems - CodeBeginnerNew
Build a Secure-Coding Linter Ruleset for a Backend Team
Receive the last 12 security-review findings, 3 representative repos (Node.js + TypeScript), and access to a CI pipeline (GitHub Actions). Build a custom Semgrep ruleset (or ESL…
- Secure Coding
- Static Analysis
- Semgrep
Introduction to Computer Security - CodeBeginnerNew
Implement Authentication and Access Control for a Civic Portal
Receive the current Next.js + Express prototype, the data model (residents, requests, documents, audit log), and the 4 staff roles (resident, clerk, supervisor, auditor) with th…
- Authentication
- Authorization
- Rbac
Introduction to Computer Security - AnalysisSeniorNew
Forensic Reconstruction of an Anonymized Energy-Grid Incident
Triage the artifacts using a timeline-first methodology. Build a unified timeline across syslog, historian, firewall, and disk-image artifacts (Plaso super-timeline). Identify c…
- Digital Forensics
- Incident Response
- Ics Security
Cyber-Physical and Cybercrime Topics - Browse challenges
Explore role
Product Manager
Ship product that solves real user problems. Combine user research, prototyping, and stakeholder alignment to turn ambiguous briefs into measurable wins — the role at the centre of modern software teams.
- ResearchSeniorNew
Audit a Custom Cryptographic Protocol
Read the 22-page protocol spec, the Go reference implementation (around 4,000 lines), and the test vectors. Run a structured review covering: primitive choices (which cipher, MA…
- Applied Cryptography
- Cryptographic Audit
- Protocol Analysis
Applied Cryptography - CodeIntermediateNew
Prompt-Injection Hardening for a Customer-Support Agent
You receive the current agent prompt, the pen-tester's 60-attack injection test set (direct prompt injection, indirect via doc content, refusal-bypass, and exfiltration), and a …
- Prompt Injection Defense
- System Prompt Design
- Red Team Operations
Prompt Engineering - CodeBeginnerNew
Find and Exploit Web Vulnerabilities on a Capture-the-Flag Range
Receive credentials to the CTF environment, the 8 challenge specifications (each with a target endpoint and a flag to extract), and the Rails source for the vulnerable app. For …
- Web Security
- OWASP Top 10
- Penetration Testing
Introduction to Computer Security - DesignIntermediateNew
Author an Incident Response Playbook for a Fintech Startup
Author a 4-phase playbook (Prepare, Detect & Analyze, Contain/Eradicate/Recover, Post-Incident) covering 6 incident classes: data breach, ransomware, account takeover, payment-f…
- Incident Response
- NIST Sp 800 61
- Security Governance
Information Security Management and Governance Build a verifiable portfolio.
Submissions become evidence. Reviewers with shipping experience score against a rubric; the result becomes a credential anyone can verify.
Why Ewance
- DesignIntermediateNew
Security Policy Overhaul for a 40-Person SaaS Scale-Up
You are the new IT security manager. Review current policies (provided in a brief), identify gaps against SOC 2 trust service criteria, and produce a new set of 5 core policies …
- Security Policy Development
- Soc 2 Compliance
- Vendor Risk Management
IT Governance and Security - DesignIntermediateNew
Design SLO-Driven Alerts for a Telco's Subscriber API
Receive a 90-day RED (Rate, Errors, Duration) metrics export for the subscriber API across 6 endpoints and 38 weeks of paging history. Define an SLO per endpoint (e.g., 99.9 per…
- Slo Design
- Alerting
- Prometheus & Grafana
Software Observability - ResearchIntermediateNew
Red-Team Evaluation of a Refusal Policy
You receive the lab's written refusal policy (version 2.3) and a starter set of 60 red-team prompts (10 per category). Extend the set to 240 prompts (40 per category) using docu…
- Red Team Operations
- Refusal Policy
- Alignment Evaluation
Machine Learning from Human Preferences (RLHF and Alignment) - DesignIntermediateNew
Spec Trust-and-Safety Eval Harness for an LLM-Powered Customer-Support Bot
You will spec a 6-page evaluation harness covering: (1) jailbreak test set (about 200 prompts across 6 attack families), (2) PII-leakage probes (about 100 synthetic-customer pro…
- LLM Evaluation
- Red Team Operations
- Pii Detection
Trustworthy AI, Robustness, and Safety - DesignIntermediateNew
Detection Engineering for Cloud DDoS Against a Public-Sector Portal
Receive sanitized logs from the 2 prior incidents (CloudFront, ALB, WAF) and the current AWS architecture. Design: 6 Sigma detection rules (mix L7 floods, slow-POST, low-rate di…
- Ddos Defense
- Detection Engineering
- Waf
Network Security - DesignIntermediateNew
Authentication + RBAC for a Multi-Workspace SaaS
Design the auth architecture: identity provider (managed), session model (JWT with rotation), workspace-membership claims, RBAC permission model (4 default roles, custom-role ca…
- Authentication
- Rbac
- Sso
Engineering Software as a Service - DesignSeniorNew
Design a Cross-Chain Bridge Protocol with Honest Threat Model
Read the Vitalik 'cross-chain interoperability' essay and survey 3 existing bridge designs (lock-and-mint, atomic-swap, optimistic-rollup-native). Design your protocol around a …
- Blockchain Protocols
- Smart Contracts
- Solidity
Blockchain and Decentralized Systems Engineering - DesignIntermediateNew
Intrusion Detection at the Edge for a Tier-1 Auto Supplier's OT Network
Receive an anonymized network diagram for 1 plant, sample pcap (packet capture) traffic of Modbus + OPC UA + PROFINET flows, and a list of 10 known OT attack scenarios from MITR…
- Intrusion Detection
- Ot Security
- Zeek
Network Security - DesignIntermediateNew
Design a Secure Wi-Fi Onboarding Flow for IoT Devices
Design a BLE-based onboarding protocol: device advertises a service UUID on power-on, the companion app discovers, performs an ECDH key exchange, then encrypts and sends Wi-Fi S…
- Link Layer Protocols
- Ble
- Secure Onboarding
Computer Networks - DesignIntermediateNew
Threat Model a HealthTech Patient-Portal Web App
Read the 25-page redesign architecture document (auth via Clerk, Next.js front-end, FastAPI backend, Postgres, S3 for documents, webhook integration with EMRs). Build data-flow …
- Threat Modeling
- STRIDE
- Secure Design
Software Security - AnalysisIntermediateNew
Threat Model a Water-Utility SCADA Network Before a Migration
Review provided network diagrams (current and proposed), the asset inventory (around 180 PLCs (programmable logic controllers), 22 engineering workstations, 6 historian servers)…
- Threat Modeling
- Ics Security
- Scada
Cyber-Physical and Cybercrime Topics - DesignSeniorNew
Design an End-to-End Encrypted Messaging Protocol
Read the Signal protocol specifications (X3DH, Double Ratchet) and the team's current architecture (server-stored unencrypted messages). Design an E2EE protocol covering: identi…
- Applied Cryptography
- Protocol Design
- Systems Language Proficiency (Go, Rust, C++)
Applied Cryptography
How it works
From brief to credential, in six steps.
Step 01
Browse challenges aligned to your studies.
Step 02
Accept the one that fits your goals.
Step 03
Work through it with AI Copilot guidance.
Step 04
Submit for structured evaluation.
Step 05
Earn a verified credential.
Step 06
Add it to LinkedIn with one click.
Related skill families
Browse all skillsIndustry teams behind a decade of practitioner briefs
Hiring from this pool?
Sponsor a challenge and meet candidates through actual work.
Industry teams can shape briefs around the skills they hire for, then evaluate students on rubric-scored deliverables — not resumes.