The Big IAM Challenge: Test Your Cloud Security Skills

Put yourself to the test with our unique CTF challenge and boost your AWS IAM knowledge. Do you have what it takes to win The Big IAM Challenge?

2 minutes read

Are you up for a challenge?

Today, we are launching "The Big IAM Challenge" — a cloud security Capture The Flag (CTF) event. The mission? Identify and exploit AWS IAM misconfigurations, and learn from real-world scenarios.

Start Challenge

Open to all skill levels

This challenge is open to everyone - from beginners seeking to learn more about IAM configurations to experienced professionals wanting to brush up on their skills. No special software, no complex set-ups - all you need is the AWS Command Line Interface (CLI), which is already integrated into the challenge's website.

The challenge consists of 6 steps, with each one focusing on a common IAM configuration mistake in various AWS services. You will have the opportunity to identify and exploit these errors while applying your knowledge in real-world scenarios.

The challenge is designed for individual participation. But we definitely encourage collaboration! You can form a team and discuss strategies with your colleagues or friends. Just remember, the challenge's completion will be individually tracked.

Claim your glory

Finishers who register will find their names honored on our live leaderboard and will receive an official certificate signifying their AWS IAM expertise.

For those of you attending fwd:cloudsec 2023 or AWS re:inforce 2023, we have a special surprise! Once you complete The Big IAM Challenge, visit our booth at these events and present your confirmation of completion to claim your prize. If you can't attend, don't worry - the challenge is accessible online from anywhere, and you can still claim your certificate.

Ready, Set, Secure!

This challenge is more than a game; it's an opportunity to enhance your cloud security skills and engage in a meaningful adventure with a community of like-minded individuals. So, are you ready to face The Big IAM Challenge?

The Big IAM Challenge represents a unique opportunity for individuals to deepen their understanding of AWS IAM configurations. It's a stimulating, hands-on experience that reflects real-world scenarios, designed to both educate and challenge. We look forward to seeing the impressive problem-solving skills and technical knowledge of all participants.

Shir Tamari, Head of Research

This challenge was designed and developed by our expert Wiz Research team. Need a helping hand or have questions? Reach out to our team at, or via Twitter (@nirohfeld, @shirtamari).

Start Challenge


Ta-da! Wiz launches Runtime Sensor to provide real-time detection and response

Agentless visibility and risk assessment paired with Wiz Runtime Sensor real-time detection for the best of both worlds

CTO Point of View: Why Wiz is launching a Runtime Sensor

Today we are excited to announce the Wiz Runtime Sensor. The sensor collects signals in real-time from the workload runtime to simplify threat detection and response in the cloud as part of our Cloud Detection and Response (CDR) capabilities.

CVE-2023-34362 RCE vulnerability in MOVEit Transfer exploited in the wild: everything you need to know

Detect and mitigate CVE-2023-34362, a remote code execution vulnerability in MOVEit Transfer exploited in the wild. Organizations should patch urgently.
EVEN MORE TO DISCOVERReady to see for yourself?
“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
Chipotle Logo
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Blackstone Logo
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Mars Logo
Greg PoniatowskiHead of Threat and Vulnerability Management