September 25, 2025

Inaugural Red vs. Blue cybersecurity competition held at University Park

UNIVERSITY PARK, Pa. — The Penn State Competitive Cyber Security Organization (CCSO) recently hosted its first full-scale Red vs. Blue cybersecurity competition. The live, hands-on event pitted a team of attackers (the red team) against a teams of defenders (the blue teams) to replicate a real-world cyberattack experience.

“We hosted this competition to give students experience in both defending and responding to cyberattacks,” said Maguire Younes, a third-year student majoring in cybersecurity analytics and operations in the College of Information Sciences and Technology (IST) who organized the event. “We aimed for enterprise-level complexity and employed a pirate theme that would be engaging for the students.”

The competition environment was hosted on CCSO’s server, spanning 28 machines across multiple operating systems and including everything from web servers and databases to Active Directory domain controllers. For four and a half hours, blue teamers took on the challenge of defending systems while facing off against red team attackers.

“The red team worked tirelessly to compromise machines, shut down services and simulate realistic adversary tradecraft,” Younes said. “The blue teams raced to detect intrusions, patch vulnerabilities and restore critical systems under pressure. The energy in the room was nonstop, and the pirate theme made it even more fun and memorable.”

IST’s Nick Giacobe, associate teaching professor, and Matt Ruff, lecturer, served as c-suite executives to make the event feel like a real business under pressure. Throughout the competition, the students briefed the simulated executives on the evolving situation.

In all, more than 40 people were involved, making it CCSO’s largest and most complex event to date.

“It was incredible to see this event finally come to life,” Younes said. “We had been working since January to design, build and launch a pirate-themed cyber range that would challenge both attackers and defenders in realistic ways.

“But it was not just about technical skills. It also promoted teamwork, communication and learning how security decisions affect an organization. And it connected students with faculty and professionals that highlighted the cybersecurity talent we have here in IST.”

row of college students standing in front of a class — Blue Team 1, pictured with event organize Maguire Younes (left) and CCSO faculty adviser Nick Giacobe (right), took first place in the Red vs. Blue Competition.

**Credit:** Provided

group of college students address class — Blue Team 2 brief c-suite executives on the evolving cybersecurity situation.

**Credit:** Provided

image of malware beacons on blue background — Active Sliver malware beacons inside the environment.

**Credit:** Provided

college students at laptops in classroom — Blue Team 2 worked tirelessly to fix vulnerabilities and active Red Team intrusions.

**Credit:** Provided

college student in red shirt addresses class from podium — Following the competition, Red Team captain Jon Skeete briefed the teams on what exploits were used.

**Credit:** Provided

several college students in red t-shirts work at laptops — The Red Team spent hours hacking into the systems the Blue Teams were tasked to defend.

**Credit:** Provided

college classroom with students at laptops — Blue Team 1 worked to fix vulnerabilities and ward off active Red Team intrusions.

**Credit:** Provided

Legal Statements