Computer Science
Security & Cyber Defense Challenges
Security & Cyber Defense challenges put you inside the work of protecting systems from real attack. You'll build skills around the CIA triad, authentication, identity & access management and network security, and learn to work the OWASP Top 10 and run vulnerability scanning the way defenders do.
From there you'll tackle the harder edges — threat modeling, the MITRE ATT&CK framework, SIEM operations and incident response — moving into cyber risk management, Zero Trust architecture and red team operations. Each challenge you solve earns a verified credential you can share with recruiters.
- ResearchSeniorNew
Audit a Custom Cryptographic Protocol
Read the 22-page protocol spec, the Go reference implementation (around 4,000 lines), and the test vectors. Run a structured review covering: primitive choices (which cipher, MA…
- Applied Cryptography
- Cryptographic Audit
- Protocol Analysis
Applied Cryptography - ResearchIntermediateNew
Red-Team a Customer-Service Chatbot for Jailbreak Resistance
Use a published taxonomy of jailbreak categories (prompt injection, persona override, encoded payloads, multi-turn escalation, refusal bypass, tool-misuse). For each category, d…
- Red Team Operations
- Jailbreak Analysis
- LLM Evaluation
AI Safety and Alignment - ResearchIntermediateNew
Safety-Test a Customer-Service Agent for Adversarial Prompts
You receive a sandboxed instance of the agent (a tool-using LLM that can read account balances and open support tickets — both mocked). Design a red-team suite of at least 80 pr…
- Ai Agents
- Red Team Operations
- Adversarial Prompts
AI Agents and LLM-Based Agents - CodeBeginnerNew
Build a Secure-Coding Linter Ruleset for a Backend Team
Receive the last 12 security-review findings, 3 representative repos (Node.js + TypeScript), and access to a CI pipeline (GitHub Actions). Build a custom Semgrep ruleset (or ESL…
- Secure Coding
- Static Analysis
- Semgrep
Introduction to Computer Security Practice your coursework on real scenarios.
Every challenge is shaped from real-world context — not generic exercises. The work mirrors what your degree prepares you for.
Why Ewance
- DesignIntermediateNew
Threat Model a HealthTech Patient-Portal Web App
Read the 25-page redesign architecture document (auth via Clerk, Next.js front-end, FastAPI backend, Postgres, S3 for documents, webhook integration with EMRs). Build data-flow …
- Threat Modeling
- STRIDE
- Secure Design
Software Security - DesignSeniorNew
Design a Confidential-Computing Architecture for a Genomics Workflow
Receive the workflow description (per-hospital genome BAM files uploaded to S3, processed by a variant-calling pipeline, results returned per-hospital), the partner-hospital leg…
- Confidential Computing
- Remote Attestation
- Secure Architectures
Computer Systems Security - ResearchIntermediateNew
Audit an Agentic Workflow for Safety Failures
Read the system's existing capability spec + tool-allow-list. Design 50+ adversarial inputs across categories: prompt-injection, tool-confusion, scope-escape (agent does somethi…
- Ai Red Teaming
- Agent Safety
- Prompt Injection
Multi-Agent Systems - AnalysisSeniorNew
Forensic Reconstruction of an Anonymized Energy-Grid Incident
Triage the artifacts using a timeline-first methodology. Build a unified timeline across syslog, historian, firewall, and disk-image artifacts (Plaso super-timeline). Identify c…
- Digital Forensics
- Incident Response
- Ics Security
Cyber-Physical and Cybercrime Topics - Browse challenges
Explore role
Product Manager
Ship product that solves real user problems. Combine user research, prototyping, and stakeholder alignment to turn ambiguous briefs into measurable wins — the role at the centre of modern software teams.
- DesignIntermediateNew
Spec Trust-and-Safety Eval Harness for an LLM-Powered Customer-Support Bot
You will spec a 6-page evaluation harness covering: (1) jailbreak test set (about 200 prompts across 6 attack families), (2) PII-leakage probes (about 100 synthetic-customer pro…
- LLM Evaluation
- Red Team Operations
- Pii Detection
Trustworthy AI, Robustness, and Safety - AnalysisBeginnerNew
Threat-Model a Patient-Intake Web App for a Telemedicine Startup
Receive the architecture diagram (Next.js front-end, Node.js API, PostgreSQL, S3 for ID-photo uploads, Clerk for auth), the data-flow description for patient intake, and the SOC…
- Threat Modeling
- STRIDE
- Risk Assessment
Introduction to Computer Security - CodeBeginnerNew
Find and Exploit Web Vulnerabilities on a Capture-the-Flag Range
Receive credentials to the CTF environment, the 8 challenge specifications (each with a target endpoint and a flag to extract), and the Rails source for the vulnerable app. For …
- Web Security
- OWASP Top 10
- Penetration Testing
Introduction to Computer Security - DesignIntermediateNew
Detection Engineering for Cloud DDoS Against a Public-Sector Portal
Receive sanitized logs from the 2 prior incidents (CloudFront, ALB, WAF) and the current AWS architecture. Design: 6 Sigma detection rules (mix L7 floods, slow-POST, low-rate di…
- Ddos Defense
- Detection Engineering
- Waf
Network Security Build a verifiable portfolio.
Submissions become evidence. Reviewers with shipping experience score against a rubric; the result becomes a credential anyone can verify.
Why Ewance
- DesignIntermediateNew
Design a Secure Wi-Fi Onboarding Flow for IoT Devices
Design a BLE-based onboarding protocol: device advertises a service UUID on power-on, the companion app discovers, performs an ECDH key exchange, then encrypts and sends Wi-Fi S…
- Link Layer Protocols
- Ble
- Secure Onboarding
Computer Networks - CodeBeginnerNew
Implement Authentication and Access Control for a Civic Portal
Receive the current Next.js + Express prototype, the data model (residents, requests, documents, audit log), and the 4 staff roles (resident, clerk, supervisor, auditor) with th…
- Authentication
- Authorization
- Rbac
Introduction to Computer Security - ResearchSeniorNew
Multi-Tenant Vector Isolation for a B2B Knowledge Assistant
Build a small proof-of-concept in your chosen vector store (Pinecone or Qdrant — pick one and justify) that supports 10 simulated tenants with 1,000 vectors each. Implement the …
- Multi Tenant Isolation
- Vector Databases
- Threat Modeling
Vector Databases and Embeddings - DesignSeniorNew
Design a Cross-Chain Bridge Protocol with Honest Threat Model
Read the Vitalik 'cross-chain interoperability' essay and survey 3 existing bridge designs (lock-and-mint, atomic-swap, optimistic-rollup-native). Design your protocol around a …
- Blockchain Protocols
- Smart Contracts
- Solidity
Blockchain and Decentralized Systems Engineering - AnalysisIntermediateNew
Anonymous Communications Threat-Model for a Whistleblower Platform
Document the current stack's threat model using the LINDDUN framework (linkability, identifiability, non-repudiation, detectability, disclosure of information, unawareness, non-…
- Anonymous Communication
- Threat Modeling
- Tor
Privacy-Enhancing Technologies - DesignIntermediateNew
Security Policy Overhaul for a 40-Person SaaS Scale-Up
You are the new IT security manager. Review current policies (provided in a brief), identify gaps against SOC 2 trust service criteria, and produce a new set of 5 core policies …
- Security Policy Development
- Soc 2 Compliance
- Vendor Risk Management
IT Governance and Security - DesignIntermediateNew
Design a Secure-by-Default IoT Device Provisioning Flow
Design end-to-end provisioning: factory bootstrap (per-device key pair burned at manufacture), installer flow (BLE-driven activation, Wi-Fi handoff), cloud-side enrollment (mTLS…
- Iot Security
- Secure Provisioning
- Mutual Tls
Cyber-Physical and Cybercrime Topics - DesignIntermediateNew
Authentication + RBAC for a Multi-Workspace SaaS
Design the auth architecture: identity provider (managed), session model (JWT with rotation), workspace-membership claims, RBAC permission model (4 default roles, custom-role ca…
- Authentication
- Rbac
- Sso
Engineering Software as a Service - ResearchIntermediateNew
Run an Alignment Probe on a Coding Assistant
You will design 240 probe prompts across 3 classes: (1) over-refusal (innocuous coding asks the model should fulfill), (2) insecure code patterns (asks where the model should wa…
- Red Team Operations
- Alignment Evaluation
- LLM Evaluation
Large Language Models - AnalysisSeniorNew
Cyber-Physical Security Audit for a Connected-Building HVAC System
Audit one representative tower's BMS: enumerate BACnet devices (network discovery + capability inventory), identify lateral-movement paths (tenant wifi -> guest network -> BACne…
- Cyber Physical Systems
- Ot Security
- Risk Management
Internet of Things and Cyber-Physical Systems - AnalysisIntermediateNew
Run a Red-Team Exercise on a Cloud-Native Microservices Platform
Receive a scoped engagement letter (in-scope: 6 microservices and their CI/CD pipelines; out-of-scope: customer-data exfiltration beyond proof-of-access), the architecture diagr…
- Red Team Operations
- Kubernetes Security
- Lateral Movement
Computer Systems Security - AnalysisIntermediateNew
Threat Model a Water-Utility SCADA Network Before a Migration
Review provided network diagrams (current and proposed), the asset inventory (around 180 PLCs (programmable logic controllers), 22 engineering workstations, 6 historian servers)…
- Threat Modeling
- Ics Security
- Scada
Cyber-Physical and Cybercrime Topics
How it works
From brief to credential, in six steps.
Step 01
Browse challenges aligned to your studies.
Step 02
Accept the one that fits your goals.
Step 03
Work through it with AI Copilot guidance.
Step 04
Submit for structured evaluation.
Step 05
Earn a verified credential.
Step 06
Add it to LinkedIn with one click.
Related skill families
Browse all skillsIndustry teams behind a decade of practitioner briefs
Hiring from this pool?
Sponsor a challenge and meet candidates through actual work.
Industry teams can shape briefs around the skills they hire for, then evaluate students on rubric-scored deliverables — not resumes.