- Code, Advanced, New
Apply Differential Privacy to a HealthTech Analytics Dashboard
Wrap the existing analytics layer with OpenDP (or Google's differential-privacy library). Implement epsilon-delta accounting: per-query Laplace noise for counts and sums, Gaussi…
- Differential Privacy
- Privacy Budget
- Python Programming
Privacy-Enhancing Technologies
- Design, Advanced, New
Authentication + RBAC for a Multi-Workspace SaaS
Design the auth architecture: identity provider (managed), session model (JWT with rotation), workspace-membership claims, RBAC permission model (4 default roles, custom-role ca…
- Authentication
- RBAC
- SSO
Engineering Software as a Service
- Design, Advanced, New
Design a Secure Wi-Fi Onboarding Flow for IoT Devices
Design a BLE-based onboarding protocol: device advertises a service UUID on power-on, the companion app discovers, performs an ECDH key exchange, then encrypts and sends Wi-Fi S…
- Link Layer Protocols
- BLE
- Secure Onboarding
Computer Networks
- Code, Advanced, New
Supply-Chain Hardening: SLSA-Aligned Build Pipeline for an Apache Project
Audit the project's current release pipeline (GitHub Actions, release-script). Map the current state against the SLSA v1.0 requirements (source, build, provenance, dependencies)…
- Supply Chain
- SLSA
- Sigstore
Open Source Contribution and Maintainership
Practice your coursework on real scenarios.
Every challenge is shaped from real industry context — not generic exercises. The work mirrors what your degree prepares you for.
- Analysis, Advanced, New
GDPR + AI Act Compliance Assessment for an HR-Tech Vendor
Audit the candidate-screening product against: GDPR Articles 5, 6, 13, 14, 22, 25, 32, 35; AI Act high-risk-system obligations (Annex III - employment); plus the customer's spec…
- Compliance
- Privacy Regulation
- GDPR
Information Security Management and Governance
- Design, Advanced, New
Threat Model a HealthTech Patient-Portal Web App
Read the 25-page redesign architecture document (auth via Clerk, Next.js front-end, FastAPI backend, Postgres, S3 for documents, webhook integration with EMRs). Build data-flow …
- Threat Modeling
- STRIDE
- Secure Design
Software Security
- Analysis, Advanced, New
Penetration-Test the TLS Configuration of an Edge Fleet
Receive read-only access to a 50-node representative sample (anonymized). Scan with testssl.sh + Qualys SSL Labs (where reachable) + a custom Go tool you write to test specific …
- TLS
- Applied Cryptography
- Penetration Testing
Applied Cryptography
- Design, Advanced, New
Detection Engineering for Cloud DDoS Against a Public-Sector Portal
Receive sanitized logs from the 2 prior incidents (CloudFront, ALB, WAF) and the current AWS architecture. Design: 6 Sigma detection rules (mix L7 floods, slow-POST, low-rate di…
- DDoS Defense
- Detection Engineering
- WAF
Network Security
Explore role
Product Manager
Ship product that solves real user problems. Combine user research, prototyping, and stakeholder alignment to turn ambiguous briefs into measurable wins — the role at the centre of modern software teams.
- Analysis, Advanced, New
Network Privacy Posture Review of a Fintech's Internal Service Mesh
Receive an anonymized service inventory (110 services with owner, data classification, traffic volume buckets) and a sample of east-west traffic logs (5 high-volume service pair…
- Network Privacy
- mTLS
- Service Mesh
Network Security
- Code, Advanced, New
Secure the Software Supply Chain of an Open-Source SDK
Audit the current state: dependency tree, publish process, GitHub Actions workflows, signing posture. Generate an SBOM (CycloneDX format) using Syft. Run OpenSSF Scorecard and t…
- Supply Chain Security
- SLSA
- SBOM
Software Security
- Code, Advanced, New
Fuzz a Memory-Unsafe Image-Parsing Library
Identify 3 critical parser entry points (DICOM dataset parser, JPEG 2000 decoder, TIFF directory parser) and write a libFuzzer harness + an AFL++ harness for each. Build with AS…
- Fuzzing
- Memory Safety
- Address Sanitizer
Software Security
- Code, Advanced, New
Static Analysis SAST Rollout on a Fintech Codebase
Run baseline scans with Semgrep + SonarQube + Snyk Code across all 18 services. Triage the initial findings (likely 800-1,500 raw alerts) into true-positive / false-positive / i…
- SAST
- Semgrep
- SonarQube
Software Security
Build a verifiable portfolio.
Submissions become evidence. Reviewers with shipping experience score against a rubric; the result becomes a credential anyone can verify.
- Analysis, Advanced, New
Build a Risk Register for a Cross-Border Healthcare Provider
Run 8 structured interviews (CISO, IT director, clinical-systems lead, DPO, 4 clinic managers) to surface the top risk candidates. Map each risk against NIST SP 800-30 (threat s…
- Risk Management
- NIST SP 800-30
- Security Governance
Information Security Management and Governance
- Code, Advanced, New
Harden a Linux Container Runtime Against Privilege Escalation
Receive the pen-test report (with attack chain), the current cluster config (EKS 1.29, default Amazon Linux 2023 worker nodes), and 3 representative workload classes (web API, a…
- OS Security
- Linux Hardening
- AppArmor
Computer Systems Security
- Analysis, Advanced, New
Run a Red-Team Exercise on a Cloud-Native Microservices Platform
Receive a scoped engagement letter (in-scope: 6 microservices and their CI/CD pipelines; out-of-scope: customer-data exfiltration beyond proof-of-access), the architecture diagr…
- Red Teaming
- Kubernetes Security
- Lateral Movement
Computer Systems Security
- Design, Advanced, New
Author an Incident Response Playbook for a Fintech Startup
Author a 4-phase playbook (Prepare, Detect & Analyze, Contain/Eradicate/Recover, Post-Incident) covering 6 incident classes: data breach, ransomware, account takeover, payment-f…
- Incident Response
- NIST SP 800-61
- Security Governance
Information Security Management and Governance
- Analysis, Advanced, New
Threat Model a Water-Utility SCADA Network Before a Migration
Review provided network diagrams (current and proposed), the asset inventory (around 180 PLCs (programmable logic controllers), 22 engineering workstations, 6 historian servers)…
- Threat Modeling
- ICS Security
- SCADA
Cyber-Physical and Cybercrime Topics
- Research, Advanced, New
Compiler Fuzzing Campaign on a Production C Backend
Stand up a Csmith-based generator producing 200,000+ random valid C programs over the campaign. Differential-test the target backend against a baseline C compiler (matching opti…
- Fuzzing
- Differential Testing
- Test Case Minimization
Advanced Compilers and Program Optimization
- Code, Advanced, New
Build a CodeQL Query Pack to Catch Logging-of-PII
Use CodeQL to write queries for Java and Python that detect data flow from PII sources (request parameters, database columns marked PII, user-profile fields) into logging sinks …
- Static Analysis
- CodeQL
- Data Flow Analysis
Program Analysis
- Analysis, Advanced, New
Secure-by-Design Review of a Microservices Auth Subsystem
Read the 18-page proposed auth-service design (Next.js BFF, FastAPI auth-service, Postgres for sessions + refresh, Redis for short-lived tokens, integration with Auth0 for OIDC)…
- Secure Design
- OWASP ASVS
- OAuth2
Software Security
- Code, Advanced, New
Secure a LoRaWAN Sensor Network for Cold-Chain Logistics
Read the LoRaWAN 1.0.x vs 1.1 spec (the network runs 1.0.3). Design the new key management: device-unique AppKey + NwkSKey, rotation every 90 days for the warehouse devices (the…
- LoRaWAN
- Wireless Security
- Key Management
Wireless and Mobile Networks
- Design, Advanced, New
Intrusion Detection at the Edge for a Tier-1 Auto Supplier's OT Network
Receive an anonymized network diagram for 1 plant, sample pcap (packet capture) traffic of Modbus + OPC UA + PROFINET flows, and a list of 10 known OT attack scenarios from MITR…
- Intrusion Detection
- OT Security
- Zeek
Network Security
- Analysis, Advanced, New
Privacy-by-Design Review for a Smart-City Data Platform
Map the new module's end-to-end data flow (sensors -> ingestion -> analytics -> dashboards -> exports). Run a Privacy Impact Assessment against OECD privacy principles + per-ten…
- Privacy by Design
- Privacy Regulation
- Compliance
Information Security Management and Governance
- Analysis, Advanced, New
Anonymous Communications Threat-Model for a Whistleblower Platform
Document the current stack's threat model using the LINDDUN framework (linkability, identifiability, non-repudiation, detectability, disclosure of information, unawareness, non-…
- Anonymous Communication
- Threat Modeling
- Tor
Privacy-Enhancing Technologies
- Code, Advanced, New
Implement Authenticated Encryption for a Document Service
Design the envelope-encryption hierarchy: customer Key Encryption Key (KEK) held in AWS KMS (Key Management Service), Data Encryption Keys (DEKs) wrapped per document. Use AES-2…
- Applied Cryptography
- AEAD
- Key Management
Applied Cryptography
How it works
From brief to credential, in six steps.
Step 01
Browse challenges aligned to your studies.
Step 02
Accept the one that fits your goals.
Step 03
Work through it with AI Copilot guidance.
Step 04
Submit for structured evaluation.
Step 05
Earn a verified credential.
Step 06
Add it to LinkedIn with one click.
Industry teams behind a decade of practitioner briefs
Hiring from this pool?
Sponsor a challenge and meet candidates through actual work.
Industry teams can shape briefs around the skills they hire for, then evaluate students on rubric-scored deliverables — not resumes.
Skills and disciplines shown on this page are derived from the Ewance challenge catalogue. When the median annual salary is available for this role via Adzuna, it will be shown above with the sample size and country.