JetBrains × CTF.ae
Enterprise / Internal CTF

A tailored CTF for JetBrains' 200 software engineers

20 custom challenges tailored to JetBrains products, workflows, and stack. Every challenge maps to something their engineers encounter in their daily work.

20
Challenges
9
Categories
200
Participants
1 month
Duration

The Story

JetBrains had been running an internal CTF for their engineers for three years. When they decided to scale it up, they reached out to us.

What made this project different from the start was who we were working with. The team leading the CTF internally was JetBrains' security team. They knew exactly what they wanted. The discussions were technical from day one: specific vulnerability classes, real products to target, the exact level of difficulty their engineers could handle. They gave us an initial direction and trusted us to build from there.

Our researchers built 20 challenges across 9 categories, each one tailored to JetBrains engineers and tied to their actual products and workflows. Every challenge was relevant to the participants' daily work.

The Format

Teams of Two

200 software engineers paired into teams. Small teams keep participation active and ensure both members contribute.

Two Leagues

The leaderboard was split into Amateurs and Elites. Engineers self-selected their league, keeping the competition fair and the challenge level appropriate for everyone.

One Month

Jan 22 to Feb 22, 2026. A longer window accommodates distributed teams across time zones and lets participants work at their own pace alongside their regular work.

Fully Remote

JetBrains' engineering teams are globally distributed. The CTF ran entirely online, accessible from anywhere.

What We Built

20 challenges across 9 categories, each designed around the tools, languages, and workflows JetBrains engineers use daily.

AI

Challenges targeting AI-powered tools and assistants, testing prompt injection, model manipulation, and AI security.

Web

Offensive challenges against realistic web applications, covering modern frameworks and common vulnerability classes.

DFIR

A multi-part forensics investigation scenario testing incident response, log analysis, and attack reconstruction.

Reverse Engineering

Binary analysis challenges using languages and runtimes relevant to the engineering team.

Cloud

Cloud security challenges covering misconfigurations, credential exposure, and privilege escalation in AWS.

Secure Coding

Defensive challenges testing the ability to identify and fix vulnerabilities in application code.

Cryptography

Protocol analysis and implementation flaws in cryptographic systems.

Binary Exploitation

Memory corruption and deserialization challenges in compiled binaries.

DevOps

Server hardening, configuration auditing, and security best practices for teams managing production infrastructure.

Feedback

"We highly appreciate the quality of the challenges and the fact that each one was tailored to fit a real use case and become relevant to our engineers, yet challenging and fun."

Artem Ivanov

Artem Ivanov

Application Security Lead, JetBrains

Build one for your team.

We build CTFs tailored to your stack, your products, and your engineers. Every challenge relevant. Every scenario real.

Get in touch