15,000+ Players of All Ages and Skill Levels Participated in the Year’s Most Fun and Festive Cybersecurity Challenge

BETHESDA, MD, February 9, 2022SANS Institute (SANS) today announced the winners of the SANS 2021 Holiday Hack Challenge as part of its closing ceremonies, delivered via webcast. In addition to the winners’ announcement, the virtual event featured a behind-the-scenes look at this year’s challenge as well as a peek into next year’s challenge, already in development.

The annual SANS Holiday Hack Challenge is a free, online cybersecurity game in which players of all skill levels and ages from across the globe tackle hands-on cyber challenges. The 2021 challenge was held from December 2021 through January 2022.

As announced today, the winners are:

  • Grand Prize Winner: Thomas Bouve (who in 2020 won Best Technical Answer)
  • Most Creative Answer: Jai Minton (who created a 3D video game based on the Holiday Hack Challenge itself)
  • Runner-Up Most Creative Answer: Joel Tan
  • Best Technical Answer: David Forsythe
  • Runner-Up Best Technical Answer: Roger Johnsen

The Holiday Hack Challenge is SANS' gift to the community, and prizes awarded at the end of the competition to the winners included cybersecurity goodies such as four-month subscriptions to the NetWars Continuous 2 cyber range, and a SANS online training course, which was awarded to the Grand Prize Winner, Thomas Bouve.

More than 15,000 players took part in the most festive cyber security challenge and virtual conference of the year. All ages and skill levels were eligible to play in this series of high-quality cybersecurity challenges, ranging from beginner to serious expert, from elementary students to cybersecurity professionals. The whimsical and spirited challenges were all designed to be a playful way to help players build critical cyber security skills to make the world a safer, more secure place. To help players develop Log4j analysis skills, the critical vulnerability that surfaced in December, the Holiday Hack Challenge included two bonus challenges: one red, one blue.

“The annual SANS Holiday Hack Challenge features a mix of challenges in cyber defense, offensive ops, digital forensics, incident response, blue team, cloud security, and more. All of the elements combine to create an interactive, social, video-game aspect where players can work together in a virtual world to solve challenges and explore the North Pole,” said Ed Skoudis, President of SANS Technology Institute and SANS Chief Holiday Officer. “A bonus is that the challenge will be available all year, long after the competition has ended, remaining open for practice and play.”

To learn more about the SANS Holiday Hack Challenge and KringleCon, click here.

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cybersecurity training and certification to professionals in government and commercial institutions world-wide. Renowned SANS instructors teach more than 60 courses at in-person and virtual cybersecurity events and on demand. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cybersecurity. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master’s and bachelor’s degrees, graduate certificates, and an undergraduate certificate in cybersecurity. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to manage their “human” cybersecurity risk easily and effectively. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system–the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community.