Mnemonic, located in Oslo, Norway, aims to keep their customers one step ahead of cyberattacks with their team of security consultants, product specialists, and ethical hackers combined with their Argus security platform. They have 250 employees, of which 20 are software developers. Due to the nature of their work, it goes without saying that it’s critical for their team to have gone through the best cybersecurity training available. That’s why they had their summer interns, along with newer recruits, go through the Adversary security training platform.
We had the honor of talking to three of their interns Lise Millerjord, Jonathan Komada Eriksen, and Jon Breivik Smebye to find out just how much they learned with the Adversary security training platform.
We have tried other solutions, but none of them were quite as comprehensive. With Adversary we didn’t have to set anything up, so we could easily focus on the tasks and what needed to be done in the platform.
Other platforms are also not as fun. Adversary has a capture the flag-like (CTF) interface and the platform is set up like a game, so it was fun to use.
Adversary teaches you very well what can happen when there are flaws in the code. This makes you understand what not to do. When you learn how to exploit the vulnerabilities “you have a closer relationship to the problem and what you can do.” Although most software developers have heard about these vulnerabilities, they don’t really know exactly what they mean and how they can be exploited.
On top of that, Adversary also teaches you about the subtle differences between different kinds of security flaws.
There is a nice low entry level, but it gets harder and harder as you complete labs and missions.
It’s challenging, but not too steep and Adversary brings a lot of good explanations and tips.
In Adversary the tasks build on themselves, which allows us to get more of an understanding about how deep these security flaws are. Adversary also shows you the source code, so you can see exactly what’s wrong.
We got a couple of courses, but it was very theoretical and detailed focused. Adversary is very practical and provides much more “real-world” training.
In school they just show you a code snippet and say: don’t do this. Adversary would have been useful to have in University.
Jon says that he even did a specific development security course in university, but that he learned more from Adversary about actual attacks and how attackers exploit them.
I learned more in 20 hours with Adversary than in my entire university course.
The scoreboard, the competition, and the fact that it’s easy to set up and very intuitive. The application is very clean and easy to understand and everything is in one browser window.
Overall it’s a fun way to learn and is still competitive. It felt like playing a game.