K0NSULT // ai-truth/ipIII
k0nsult.cloud / ai-truth / ipIII / hackaton / en

Hackathon β€” "K0NSULT POLAND: National Attack/Defense"

A national cyber/AI exercise in a CTF format on an isolated cyber-range. The narrative axis: K0NSULT vs the rest of Poland vs the rest of the world β€” treated as an honest benchmark ladder, not a claim of superiority. A position on the ladder is to be earned and measured with the same rubric; until comparative data exists, the status is GAP.

NOTE β€” program in planning. This is a project page (staging, NOINDEX). The hackathon has not yet launched: there is no registration, so every participant figure is a target, not a fact (status GAP / PLANNED). Partners (banks from a instytucji finansowej group, national CERT, universities, the ministry) are indicated anonymously, status PUBLIC_CLAIM β€” to be confirmed. All results, rankings and offensive scenarios are SIMULATION on an isolated range β€” zero payloads and zero real targets.
Not "we are the best". The sentence is: let us be measured by the same rubric.

The benchmark ladder exists to honestly place K0NSULT beside the national and global frontier and to measure the distance with proof, not a declaration. Every tier starts from the same evidence-first rubric: ATT&CK coverage, MTTD/MTTR, evidence completeness, GAP count.

FUNNEL: ONLINE QUALIFIERS→16 REGIONAL SEMI-FINALS→NATIONAL ON-SITE FINAL→ROSTER 50k

Benchmark ladder β€” 3 tiers

Three reference levels. K0NSULT's position is not declared up front β€” it is a hypothesis to be proven in the exercise. The absence of hard comparative data from the PL/WORLD tiers = GAP to be closed by registration and results.

Tier Β· national

REST OF POLAND PL

Target 10,000 pentesters and defenders PLANNED. Ecosystem: national CERT, CSIRT, sectoral teams, university labs and student clubs, institutional red/blue teams. A reference point for national SOC maturity.

GAP β€” no registration, the number is a target.

Tier Β· global

REST OF THE WORLD WORLD

Global red teams and the standard of international CTFs: DEF CON CTF format, Hack The Box, TLPT (DORA) / TIBER-EU style exercises. A reference for "how far to the best". Public methodological benchmarks.

PUBLIC_CLAIM β€” a methodological reference, not a ranking.

Tier Β· host

K0NSULT K0

The differentiator: an AI swarm + the evidence-first doctrine. Measured by the SAME rubric as PL and WORLD β€” no easy pass. K0NSULT's result is published as an exercise SIMULATION, not a championship title.

SHARED RUBRIC β€” an honest measure of distance.

Participation target PLANNED

The numbers below are program targets (ROADMAP), not confirmed registrations. Until sign-up opens, the status stays GAP.

10,000
Participants (target)
PLANNED Β· no registration = GAP
16
Regional semi-finals
ROADMAP Β· regional spread
5
Tracks
Red/Blue/Purple/AI/GRC
3
Benchmark tiers
PL Β· WORLD Β· K0NSULT
50,000
Target roster
ROADMAP Β· recruitment funnel
0
Real targets in scope
isolated cyber-range only

5 tracks

Red attack/defense

Attack/defense CTF on an isolated cyber-range. Offensive methodology (recon β†’ exploitation β†’ post-exploitation) only against synthetic sandbox targets. Zero payloads published, zero real systems.

SIMULATION

Blue detection/DFIR

Detection, threat hunting, DFIR, SOC work: rule building, log correlation, artefact analysis, chain of custody. Scored for speed and evidence quality, not for spectacle.

SIMULATION

Purple coordination

Red↔Blue coordination, MITRE ATT&CK matrix coverage, validation of detections against executed techniques. Reward for maximal, proven coverage.

SIMULATION

AI / Agent Security K0 differentiator

Prompt injection, agent hijack, model extraction/poisoning, LLM red-teaming, human-in-the-loop oversight. The AI incident class treated as first-class security β€” K0NSULT's signature.

SIMULATION

GRC tabletop

Tabletop exercises: DORA, NIS2, AI Act. Reporting clocks 24h/72h, the decision to notify the authority, an audit trail. The cleanest compliance process wins, not the fastest exploit.

SIMULATION

Shared rubric evidence-first

Every track is settled by the same denominator: detection proof, MTTD/MTTR, chain of custody, zero GAP. This binds the 5 tracks into one comparable result.

β†’ Leaderboard

Program phases

Phase 1 Β· Online qualifiers (mass). Open, remote CTF challenges. Goal: run thousands of participants through the shared rubric and select the best teams in each tier and track. PLANNED
Phase 2 Β· Semi-finals across 16 regions. Regional on-site/hybrid rounds, coordinated with universities and sectoral CSIRTs. Levelling geographic access. ROADMAP
Phase 3 Β· National on-site final. Semi-final winners on one isolated range, results broadcast as SIMULATION. A direct entry into the recruitment funnel. ROADMAP

Evidence-first scoring

One currency: proof. Points do not flow for merely "capturing the flag" but for a documented effect.

MetricWhat it measuresDirection
Detection proofWhether the event has an artefact (log, hash, screenshot, IoC)required
ATT&CK coverage% of techniques detected/covered against the scenariohigher = better
MTTDMean Time To Detect β€” median time to detectionlower = better
MTTRMean Time To Respond β€” median time to responselower = better
Evidence completeness% of reports with a full chain of custodyhigher = better
GAP countNumber of claims without evidentiary backing0 = target

Infrastructure and safety

Isolated cyber-range

A sandbox per team, separated from the Internet and production systems. Real targets = OUT OF SCOPE. Attacks only on synthetic exercise infrastructure.

Zero public payloads

The page contains and will contain no payloads or offensive instructions. We publish methodology and results, not weapons.

Written authorization (RoE)

Without a signed Rules of Engagement and consent β€” no action (status GAP). Safe harbor only for authorized, defensive actions.

β†’ Rules of Engagement

Partners (anonymous)

Names will be given after confirmation. Until then β€” categories only, status PUBLIC_CLAIM.

Banking sector instytucji finansowej

Institutions from the group of globally systemically important banks β€” anonymous. PUBLIC_CLAIM

CERT / national CSIRT

Coordination with the national CSIRT, program notification. PUBLIC_CLAIM

Universities

Student clubs, labs, a recruitment channel. PUBLIC_CLAIM

Ministry / regulator

The cyber ministry β€” framework oversight and coherence with NIS2. PUBLIC_CLAIM

Effect: the recruitment funnel

The hackathon is the top of the funnel. Participants with a proven result enter the specialist roster (target 50,000 ROADMAP), from which task swarms are formed.

PATH: QUALIFIERS→SEMI-FINAL→FINAL→EVIDENCE VERIFICATION→ROSTER 50k

β†’ Specialist roster (50k)

Overriding principle. The "PL vs world vs K0NSULT" ladder is a measurement tool, not a boast. The position is to be earned and measured by the same evidence-first rubric. Any participant number without registration is a hypothesis (status GAP), not a fact. Partners stay anonymous until confirmed.

Related