Verifying Assumptions

Checking network messages, protocols, file formats and other input data constraints to see whether the layers of abstraction are coherent and correct. Fuzzing. Enumerating failure modes, exceptions and errors, and checking whether they are controlled, caught or anticipated. Observing and enumerating how software components or network elements are actually composed.

Gaining understanding of program or system semantics

Finding vulnerabilities. Intrusion detection. Extracting program behavior sequences or tokens (e.g., syscalls). Reverse engineering systems. Extracting ROP (return-oriented programming) sequences. Understanding the layers of abstraction and failure modes of a program.

Gaining understanding of network organization

Mapping firewall rule sets. Comparing sets of network ACLs and understanding the semantics of groups of ACLs. Efficiently identifying entities on a network. Identifying the network “edge” and ingress/egress points. Enumerating existing services (e.g., with nmap). Understanding the layers of abstraction and failure modes of a network.
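As an added illustration of the ACL-comparison problem (example code written for this page, not part of the original outline), the following Python models first-match firewall rules, flags rules that an earlier rule shadows or makes redundant, and probes two rule sets for packets on which their verdicts differ. The rule set and probe packets are constructed for the example.

```python
from collections import namedtuple
from ipaddress import ip_network
# action: "permit"/"deny"; proto: "tcp", "udp" or "any"; src/dst: ip_network; ports: (low, high) inclusive
Rule = namedtuple("Rule", "action proto src dst ports")

def rule(action, proto, src, dst, low=0, high=65535):
    return Rule(action, proto, ip_network(src), ip_network(dst), (low, high))

def covers(a, b):
    """True if every packet that matches b also matches a (a's match set is a superset of b's)."""
    return ((a.proto == "any" or a.proto == b.proto)
            and b.src.subnet_of(a.src) and b.dst.subnet_of(a.dst)
            and a.ports[0] <= b.ports[0] and b.ports[1] <= a.ports[1])

def find_shadowed(acl):
    """Under first-match evaluation, report rules fully covered by an earlier rule: 'shadowed'
    if the actions differ (the later rule can never fire), 'redundant' if they agree."""
    findings = []
    for j, later in enumerate(acl):
        for i in range(j):
            if covers(acl[i], later):
                kind = "shadowed" if acl[i].action != later.action else "redundant"
                findings.append((j, i, kind))
                break
    return findings

def evaluate(acl, proto, src, dst, port, default="deny"):
    """First-match evaluation of one packet; returns the action taken."""
    probe = rule("?", proto, src, dst, port, port)   # host addresses become /32 networks
    for r in acl:
        if covers(r, probe):
            return r.action
    return default

def compare(acl_a, acl_b, probes):
    """Probe two rule sets with the same packets; list those on which the verdicts differ."""
    return [p for p in probes if evaluate(acl_a, *p) != evaluate(acl_b, *p)]

# Constructed sample ACL (not taken from any real device).
ACL = [
    rule("deny",   "tcp", "10.0.0.0/8",  "0.0.0.0/0",     23, 23),   # 0: block telnet from the whole site
    rule("permit", "tcp", "10.1.0.0/16", "192.0.2.0/24",  443, 443), # 1: HTTPS to a DMZ block
    rule("permit", "tcp", "10.1.2.0/24", "192.0.2.10/32", 443, 443), # 2: redundant with rule 1
    rule("permit", "tcp", "10.1.0.0/16", "0.0.0.0/0",     23, 23),   # 3: shadowed by rule 0, never fires
]

if __name__ == "__main__":
    print(find_shadowed(ACL))   # [(2, 1, 'redundant'), (3, 0, 'shadowed')]
    print(compare(ACL, ACL[1:], [("tcp", "10.1.5.5", "198.51.100.1", 23)]))  # deleting rule 0 opens telnet
```

Dropping a shadowed or redundant rule leaves `compare` empty for every probe, whereas dropping the rule that shadows it changes the verdict; that is the difference between a cosmetic cleanup and a semantic change to the rule set.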

Information or knowledge extraction (i.e. “Cyber-situational Awareness”)

Extracting information from a large, opaque set of data. Analyzing a raw dump of network traffic, intrusion alerts or firewall logs. Prioritizing what to look for (a “big data” problem). Mapping layers of abstraction and failure modes to patterns in the data.

Gaining understanding of network system behavior / defense posture

Identifying the scope and makeup of a network's trust surface. Fingerprinting the behavior of network services (e.g., probing or black-box reverse engineering of network entities). Identifying the attack path or kill chain. Not just identifying failure modes but understanding them.

How to create emergent resilience

Recreating or recovering a system to a more resilient state; how to dynamically improve defense (especially in scenarios where you’ve been completely compromised); how to re-abstract a compromise or intrusion incident into a better design for the target system. Efficiently rebuilding the system; eliminating attack paths through cross-layer analysis.

How to create deception or confusion for an adversary

Creating artificial diversity. Namespace control. Applying probability and randomization to selectively increase the complexity an adversary faces in exploiting failure modes.