Verified credentials. On-chain. Forever.Your Ewance certificates last forever — on-chain, verifiable by anyone.Learn more

Security

Security Engineer

If you like the kind of work a Security Engineer does, every challenge here gives you a chance to do that work on a real industry brief.

Skills you'll need

Recommended Challenges

· Expert only Clear

ResearchExpertNew
Audit a Custom Cryptographic Protocol
Read the 22-page protocol spec, the Go reference implementation (around 4,000 lines), and the test vectors. Run a structured review covering: primitive choices (which cipher, MA…
- Applied Cryptography
- Cryptographic Audit
- Protocol Analysis
Applied Cryptography
CodeExpertNew
Harden a Container Supply Chain to SLSA Level 3
Audit the current build and deploy pipeline against the SLSA 1.0 specification. Identify SLSA-3 gaps (typically: provenance generation, hermetic builds, two-person review, signe…
- Supply Chain Security
- Slsa
- Sigstore
DevOps and Secure Deployment
AnalysisExpertNew
Cyber-Physical Security Audit for a Connected-Building HVAC System
Audit one representative tower's BMS: enumerate BACnet devices (network discovery + capability inventory), identify lateral-movement paths (tenant wifi -> guest network -> BACne…
- Cyber Physical Systems
- Ot Security
- Risk Management
Internet of Things and Cyber-Physical Systems
StrategyExpertNew
TLS and PKI Migration to Post-Quantum for a Cross-Border Bank
Receive an anonymized TLS inventory (endpoint, current cipher suite, TLS version, certificate issuer, last rotation, business criticality) and the bank's PKI hierarchy. Score en…
- Tls
- Pki
- Post Quantum Cryptography
Network Security
Practice your coursework on real scenarios.
Every challenge is shaped from real industry context — not generic exercises. The work mirrors what your degree prepares you for.
Why Ewance
CodeExpertNew
Build a Kernel-Module Sandbox for an Untrusted Code Service
Receive the current Docker-based sandbox configuration, post-incident reports for both escapes, and the runtime requirements for Python and C++ (compilers, package availability,…
- Sandboxing
- Seccomp Bpf
- Gvisor
Computer Systems Security
CodeExpertNew
Implement Threshold Signatures for a Multi-Sig Custody Service
Read the FROST IETF draft (draft-irtf-cfrg-frost) and the underlying Schnorr signature scheme on the secp256k1 curve. Implement the FROST distributed key generation (DKG) and 3-…
- Applied Cryptography
- Threshold Signatures
- Rust
Applied Cryptography
CodeExpertNew
Build an Intrusion-Detection Rule Pack for a Manufacturing PLC Fleet
Analyze provided PCAP (packet capture) files from 3 anonymized customer sites covering normal operating windows and 2 red-team simulation windows. Implement Suricata rules for 8…
- Intrusion Detection
- Ics Security
- Suricata
Cyber-Physical and Cybercrime Topics
DesignExpertNew
Design an OS-Level Side-Channel Mitigation for a Multi-Tenant Cloud
Read 3 canonical cache-side-channel papers (provided). For each attack: characterize the threat model, the required attacker capabilities, and the OS-level invariant that, if he…
- Os Security
- Side Channels
- Virtualization
Advanced Operating Systems
Explore role
Product Manager
Ship product that solves real user problems. Combine user research, prototyping, and stakeholder alignment to turn ambiguous briefs into measurable wins — the role at the centre of modern software teams.
Browse challenges
DesignExpertNew
Design an End-to-End Encrypted Messaging Protocol
Read the Signal protocol specifications (X3DH, Double Ratchet) and the team's current architecture (server-stored unencrypted messages). Design an E2EE protocol covering: identi…
- Applied Cryptography
- Protocol Design
- Rust
Applied Cryptography
AnalysisExpertNew
Forensic Reconstruction of an Anonymized Energy-Grid Incident
Triage the artifacts using a timeline-first methodology. Build a unified timeline across syslog, historian, firewall, and disk-image artifacts (Plaso super-timeline). Identify c…
- Digital Forensics
- Incident Response
- Ics Security
Cyber-Physical and Cybercrime Topics
CodeExpertNew
Implement a Bootloader with Secure OTA for a Medical Wearable
Implement using MCUboot as the secondary-image bootloader. Set up an offline signing pipeline (Ed25519 keys, HSM-backed for production). Implement the OTA client: BLE file trans…
- Mcuboot
- Secure Bootloader
- Firmware Signing
Embedded Systems Engineering
CodeExpertNew
Build a Secure Multi-Party Computation Demo for Cross-Bank Fraud Detection
Pick MP-SPDZ as the MPC framework. Build a 4-party demo computing two protocols: (1) private set intersection of suspicious-account IDs across banks, (2) joint aggregate (count …
- Secure Computation
- Mpc
- Cryptography
Privacy-Enhancing Technologies
Build a verifiable portfolio.
Submissions become evidence. Reviewers with shipping experience score against a rubric; the result becomes a credential anyone can verify.
Why Ewance
CodeExpertNew
Reverse-Engineer and Patch an N-Day Vulnerability in a Vendor Binary
Receive the vulnerable binary (Linux ELF, x86-64), the public CVE-2025-XXXX advisory + PoC, and the bank's deployment context (RHEL 9, the binary runs as a non-root service). Lo…
- Reverse Engineering
- Binary Exploitation
- Ghidra
Computer Systems Security

How it works

From brief to credential, in six steps.

Step 01
Browse challenges aligned to your studies.
Step 02
Accept the one that fits your goals.
Step 03
Work through it with AI Copilot guidance.
Step 04
Submit for structured evaluation.
Step 05
Earn a verified credential.
Step 06
Add it to LinkedIn with one click.

Industry teams behind a decade of practitioner briefs

Hiring from this pool?

Sponsor a challenge and meet candidates through actual work.

Industry teams can shape briefs around the skills they hire for, then evaluate students on rubric-scored deliverables — not resumes.

Explore sponsorship

Skills and disciplines shown on this page are derived from the Ewance challenge catalogue. When the median annual salary is available for this role via Adzuna, it will be shown above with the sample size and country.