As an educational company, we strive to make sure our community partakes in our growth. We believe all of our students have wonderful experiences and ideas. When it pertains to our BTLO platform, we allow Defenders to upload their investigations for our bi-weekly releases—assuming they meet our requirements and rules.
How to Submit an Investigation?
1. Contact Us:
If you're ready to showcase your content on our platform, reach out to malik.girondin@securityblue.team with the subject line: "Community Content Submission". Provide an overview of the content you wish to build. The BTLO team will review it to ensure that it has not been built before and that it is appropriate for the platform.
2. Submission Process:
After your content has been approved, run the simulation locally, zip the artifacts, and email them to BTLO. Provide a walkthrough document as well as a document containing content details, questions, and answers.
Content Requirements:
Lab Domain: The label for the content must reside within one of these 5 domains: Incident Response; Digital Forensics; Security Operation Center; Reverse Engineering; or Threat Intelligence.
Lab Title: The longer the characters, the harder it is to fit within our thumbnail images. Visit our BLTO website as reference and look at our active/retired content.
Scenarios: All content must have a scenario related to the lab. If not, we may need to redact it for clarity.
Tools and MITRE IDs: List the required tools and MITRE IDs, excluding those used in your questions.
Difficulty Levels: Follow our difficulty system: Easy (25 points), Medium (50 points), Hard (100 points). Please, label your lab with the appropriate level. If you’re unsure you can reach out to a BTLO Content Engineer to discuss or let us know in the email.
Lab Environment OS: Labs must use Windows or Linux (Ubuntu).
Hints and Formats: Ensure questions are clear. Use hints sparingly for higher difficulty labs. All questions need clear formats. For example, for an IP (3.23.45.123), the format should be X.XX.XX.XXX.
Character Limit: Questions must stay within our 100-character limit. Avoid copy-and-pasting beyond this threshold.
Quality Assurance: Include a detailed write-up or video explaining the process of answering questions. Unsolvable labs won't be added. All submitted labs will be quality-assured and tested by our in-house content engineers. Suggestions and changes will sprout from this, so your lab might be tweaked depending on the findings.
Authorship: If you want to be recognized as the BTLO Author, please send us your BTLO email. By default, names are not listed for privacy’s sake.
Then once approved send an email with:
Subject line: Community Content Submission – [Lab Name] – [Domain] – [Difficulty]
The email should have the required information listed in the content section
Disclaimer:
- Investigations and labs created by the community must NOT be used on other competitive platforms—before or after submission.
- Community Content can be monetized as part of an event, allowed to be played for free, and included in bi-weekly releases for our subscribed members.
Community developers will receive compensation for their work and a Community Content Engineer badge for their profile. This will be paid after content is accepted through QA and an invoice is supplied by Security Blue Team.
If you have any questions, feel free to reach out. We look forward to collaborating and enriching the learning experiences of our 65,000+ defenders!