The security of cloud and AI infrastructure is taking a leap forward with zeroday.cloud, a new hacking competition that aims to protect the open-source software forming the backbone of global technology. With a prize pool up to $4.5 million, this event is drawing unprecedented attention from security professionals worldwide.
Bridging the Security Gap in Open-Source
Open-source projects often serve as the foundation for critical systems, yet many lack robust incentives to attract top-tier security researchers. Zeroday.cloud, launched by Wiz Research in collaboration with AWS, Microsoft, and Google Cloud, is encouraging the discovery and responsible disclosure of zero-day vulnerabilities before they can be abused.
- Industry-wide collaboration: By bringing together cloud giants and security experts, the event demonstrates a unified commitment to strengthening digital defenses.
- Tangible impact: Vulnerabilities discovered during the competition will be rapidly addressed, benefiting organizations across sectors from healthcare to government.
Inside the Competition
Set for December 10-11 at Black Hat Europe in London, zeroday.cloud challenges participants in six key categories:
- AI: Ollama, vLLM, NVIDIA Container Toolkit (Container Escape)
- Kubernetes and Cloud-Native: Kubernetes API Server, Kubelet Server, Grafana, Prometheus, Fluent Bit
- Containers and Virtualization: Docker, Containerd, Linux Kernel (Ubuntu)
- Web Servers: nginx, Apache Tomcat, Envoy, Caddy
- Databases: Redis, PostgreSQL, MariaDB
- DevOps & Automation: Apache Airflow, Jenkins, GitLab CE
To claim victory, contestants must demonstrate a total compromise of their chosen target. This could mean achieving a full container escape or executing remote code without user interaction. All exploits are showcased live and judged by leading experts from the cloud and security industries.
Fostering Responsible Security Research
Zeroday.cloud is more than a competition—it's a platform for responsible disclosure. By working directly with vendors and cloud providers, participants ensure that critical vulnerabilities are fixed quickly and effectively, raising the bar for security across the digital ecosystem.
How to Participate
Security researchers and professionals interested in making a meaningful impact can register and find details at zeroday.cloud. The event is designed for broad participation, accelerating the identification and resolution of high-impact vulnerabilities in cloud and AI software.
A Collective Call to Action
Zeroday.cloud signals a new era in proactive cloud and AI security. With substantial incentives, industry collaboration, and an emphasis on responsible research, Wiz and its partners are setting a powerful example. The future of digital infrastructure depends on collective vigilance, innovation, and timely action from the entire security community.
Source: Wiz Blog
Zeroday.cloud: A New Hacking Competition for Cloud and AI Security